home to VPS to Paid/Commercial VPN service
Posted: Sat Jul 29, 2017 7:32 am
Is this possible? I am thinking this just adds a layer of privacy which may be desirable. Paid/commercial VPN service logs only record VPS IP accessing and VPS does not log which sites are accessed via paid/commercial VPN service.
I have seen http://www.linksysinfo.org/index.php?th ... ent.72103/ but I don't know if it's what I am after.
Basically VPS acts both as OpenVPN server (so that home machine can access with client) and as OpenVPN client (to access paid VPN service).
let's say VPS ip is 2.2.2.2 with gateway 2.2.2.1 and paid/commercial VPN ip is 3.3.3.3. tun0 is openvpn server device on VPS and tun1 is openvpn client device on VPS.
So far I'm thinking:
I am trying to follow http://www.linksysinfo.org/index.php?th ... ent.72103/ but there is also https://ubuntuforums.org/showthread.php?t=1606136.
Am I on the right tracks? Has anyone got a solution? Thanks
I have seen http://www.linksysinfo.org/index.php?th ... ent.72103/ but I don't know if it's what I am after.
Basically VPS acts both as OpenVPN server (so that home machine can access with client) and as OpenVPN client (to access paid VPN service).
let's say VPS ip is 2.2.2.2 with gateway 2.2.2.1 and paid/commercial VPN ip is 3.3.3.3. tun0 is openvpn server device on VPS and tun1 is openvpn client device on VPS.
So far I'm thinking:
Code: Select all
ip route add default via 2.2.2.1 table 200
ip route flush cache
# disable reverse path filtering
for i in /proc/sys/net/ipv4/conf/*/rp_filter; do
echo 0 > $i
done
iptables -t nat -I POSTROUTING -o tun1 -j MASQUERADE
iptables -t mangle -I OUTPUT -p tcp --sport 1194 -j MARK --set-mark 0x88
ip rule add fwmark 0x88 table 200
Code: Select all
iptables -A INPUT -j ACCEPT -i tun0
iptables -A FORWARD -j ACCEPT -i tun0
iptables -A OUTPUT -j ACCEPT -o tun0
iptables -A INPUT -j ACCEPT -i tun1
iptables -A FORWARD -j ACCEPT -i tun1
iptables -A OUTPUT -j ACCEPT -o tun1