Hey all, using OpenMediaVault and would like to route Deluge traffic through a PIA VPN. I followed the Debian 8 tutorial and compiled OpenVPN from scratch. My home IP subnet is 10.0.100.1/24.
Here is my ip addr output:
Here is my iptables -S output:
Here is my iptables -L output:
I don't have fail2ban or ufw installed. If there's any other info you need let me know.
Code:
sudo -u vpn -i -- ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 32:9a:b8:5a:a1:ae brd ff:ff:ff:ff:ff:ff
inet 10.0.100.11/24 brd 10.0.100.255 scope global eth0
valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/none
inet 10.0.101.1 peer 10.0.101.2/32 scope global tun0
valid_lft forever preferred_lft forever
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:3a:a1:62:4b brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
10: vethf3b4a0a@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether b6:8f:59:c8:01:d7 brd ff:ff:ff:ff:ff:ff
12: vethcd57467@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 2e:48:4a:d0:3f:e4 brd ff:ff:ff:ff:ff:ff
15: tun1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/none
inet 10.50.10.6 peer 10.50.10.5/32 scope global tun1
valid_lft forever preferred_lft forever
Code:
sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N DOCKER
-N DOCKER-ISOLATION
-N DOCKER-USER
-A INPUT -i tun0 -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -i tun0 -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -o lo -m owner --uid-owner 1005 -j ACCEPT
-A OUTPUT -o tun0 -m owner --uid-owner 1005 -j ACCEPT
-A OUTPUT ! -s 10.0.100.11/32 -o eth0 -j REJECT --reject-with icmp-port-unreachable
Code:
sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate ESTABLISHED
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere owner UID match vpn
ACCEPT all -- anywhere anywhere owner UID match vpn
REJECT all -- !10.0.100.11 anywhere reject-with icmp-port-unreachable
Chain DOCKER (0 references)
target prot opt source destination
Chain DOCKER-ISOLATION (0 references)
target prot opt source destination
Chain DOCKER-USER (0 references)
target prot opt source destination