On Wed, 14 Oct 2015 22:36:24 +0200, Gert Doering wrote:
> Hi,
>
> On Wed, Oct 14, 2015 at 08:42:08AM +0000, Hongyi Zhao wrote:
>> I've tried with the OUTPUT chain, but still it failed for me to access
>> google.com via openvpn.
>
> I think your approach is a bit too complicated - why bother with marking
> anyway? "ip rule" can apply directly to destination prefixes ("ip rule
> to 8.8.8.8 table ...").
Yes, you're right. It can be done simple by using the method like this:
sudo ip rule add to 8.8.8.8/32 table openvpn
[...]
But for my case, I've a lot of network addresses blocks which I want to
them routed via the vpn. In this case, if I directly use the ``ip rule''
command to add all of these network addresses blocks, I'll have so many
entries in the ip rule list.
Furthermore, the ``ip rule'' command doesn't has the save and restore
options. While both the ipset and the iptables commands have the save
and restore options which let me conveniently export and import all of my
settings fastly.
Regards
>
> gert
--
.: Hongyi Zhao [ hongyi.zhao AT gmail.com ] Free as in Freedom :.
------------------------------------------------------------------------------
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
