I want to run a script with iptables rules to be used when connecting/disconnecting. When I try to run the client, I get this error.
Code:
/etc/openvpn/server1up.sh tun1 1500 1570 10.8.1.14 10.8.1.13 init
modprobe: ERROR: could not insert 'ip_tables': Operation not permitted
iptables v1.6.0: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Thu Oct 31 17:45:40 2019 us=540401 WARNING: Failed running command (--up/--down): external program exited with error status: 3
Thu Oct 31 17:45:40 2019 us=540434 Exiting due to fatal error
Client config:
Code:
client
dev tun1
proto udp
remote x.x.x.x 1199
;user nobody
;group nogroup
resolv-retry infinite
nobind
persist-key
persist-tun
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 5
log client2.log
auth-nocache
remote-cert-tls server
script-security 2
up /etc/openvpn/server1up.sh
down /etc/openvpn/server1down.sh
Code:
659673 -rwxr-xr-x 1 root root 1708 Oct 31 15:52 ca.crt
659806 -rwxr-xr-x 1 root root 1704 Oct 31 15:52 ca.key
659911 -rwxr-xr-x 1 root root 22539 Oct 31 17:45 client2.log
659904 -rwxr-xr-x 1 root root 424 Oct 31 15:52 dh2048.pem
659906 -rwxr-xr-x 1 root root 547 Oct 31 15:54 server1.conf
659908 -rwxr-xr-x 1 root root 186 Oct 31 15:55 server1down.sh
659905 -rwxr-xr-x 1 root root 20211 Oct 31 17:25 server1.log
659907 -rwxr-xr-x 1 root root 185 Oct 31 17:37 server1up.sh
659903 -rwxr-xr-x 1 root root 636 Oct 31 15:52 ta.key
659809 -rwxr-xr-x 1 root root 1301 May 8 15:50 update-resolv-conf
659910 -rwxr-xr-x 1 root root 6212 Oct 31 17:46 VPN_client_2.conf
659901 -rwxr-xr-x 1 root root 5565 Oct 31 15:52 vpnserver1.crt
659902 -rwxr-xr-x 1 root root 1704 Oct 31 15:52 vpnserver1.key
Code:
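#!/bin/bash
# Send traffic sourced from 10.8.0.0/24 to the vpn_net routing table
/sbin/ip rule add from 10.8.0.0/24 table vpn_net
# Default route for that table goes out through the tunnel device
/sbin/ip route add default dev tun1 table vpn_net
# Masquerade traffic from 10.8.0.0/24 leaving via tun1 (needs the nat table)
/sbin/iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o tun1 -j MASQUERADE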