0x79 - a blog

Work in progress.

Routing all traffic through VPN: iptables

There are a couple of good tutorials on how to set up your own OpenVPN server (e.g. here, here, or here). To route all traffic through the VPN, you need to set up some iptables rules on the server, which is also well documented. This post is about a problem I encountered that was not described anywhere: the iptables rules are reset on every reboot of your machine.

To solve this, save your iptables rules to a file and load them when the network interfaces start.

  1. Set up iptables as usual:

    iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
    
  2. Save your currently active rules to a file with iptables-save:

    iptables-save > /etc/iptables-up.rules
    
  3. We can now load the file with iptables-restore when the network interfaces are started. This is done with a post-up line in /etc/network/interfaces. Note that you have to put it right after the interface you want to tunnel the traffic through (not just at the end of the file):

    iface eth0 inet dhcp
      post-up /sbin/iptables-restore < /etc/iptables-up.rules
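
The two checks below are an added example, not code from the original post: one confirms that the `post-up` hook sits inside the stanza of the intended interface, the other that the saved rules file actually contains the MASQUERADE rule from step 1. The function names and sample files are constructed for illustration, and the parser assumes that `auto`, `allow-*`, `mapping` and `source` lines end an `iface` stanza.

```sh
#!/bin/sh
# Added example; file contents below are constructed samples.

# postup_in_stanza IFACE FILE: succeed if FILE runs iptables-restore from a
# post-up line that belongs to the "iface IFACE" stanza.
postup_in_stanza() {
    awk -v want="$1" '
        NF == 0 || $1 ~ /^#/ { next }          # skip blank lines and comments
        $1 == "iface" { cur = $2; next }       # options below belong to this iface
        $1 == "auto" || $1 == "mapping" || $1 ~ /^(allow-|source)/ { cur = "" }
        $1 == "post-up" && cur == want && /iptables-restore/ { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$2"
}

# saved_has_masquerade FILE SUBNET IFACE: succeed if the iptables-save dump
# in FILE holds the MASQUERADE rule for SUBNET/IFACE in the nat table.
saved_has_masquerade() {
    awk -v net="$2" -v dev="$3" '
        /^\*/ { table = substr($0, 2) }        # "*nat", "*filter", ...
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" &&
            index($0, "-s " net " ") && index($0, "-o " dev " ") &&
            index($0, "-j MASQUERADE") { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Constructed sample files (not taken from a real host).
demo=$(mktemp -d)
printf '%s\n' 'auto eth0' 'iface eth0 inet dhcp' \
    '  post-up /sbin/iptables-restore < /etc/iptables-up.rules' > "$demo/good"
# Hook appended at the end of the file, so it belongs to the lo stanza.
printf '%s\n' 'auto eth0' 'iface eth0 inet dhcp' 'auto lo' \
    'iface lo inet loopback' \
    '  post-up /sbin/iptables-restore < /etc/iptables-up.rules' > "$demo/bad"
printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
    '-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE' 'COMMIT' > "$demo/rules"

for f in good bad; do
    if postup_in_stanza eth0 "$demo/$f"; then
        echo "$f: hook is in the eth0 stanza"
    else
        echo "$f: hook is NOT in the eth0 stanza"
    fi
done
```

On a real server, point the functions at `/etc/network/interfaces` and `/etc/iptables-up.rules` after step 2 and before rebooting.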