From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.5 Date: Thu, 5 Nov 2009 20:54:43 +0300 From: Alexey Morsov To: ALT Linux sysadmin discuss Message-ID: <20091105175442.GA8402@ricom.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="k1lZvvs/B4yU6o8G" Content-Disposition: inline User-Agent: Mutt/1.5.20 (2009-06-23) X-Virus-Scanned: by amavisd-new at ricom.ru Subject: [Sysadmins] openvpn in openvz VE X-BeenThere: sysadmins@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux sysadmin discuss List-Id: ALT Linux sysadmin discuss List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Nov 2009 17:55:00 -0000 Archived-At: List-Archive: --k1lZvvs/B4yU6o8G Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable =D0=9C=D0=BE=D0=B6=D0=B5=D1=82 =D1=8F =D0=B8 =D0=BE=D1=82=D0=BA=D1=80=D1=8B= =D0=BB =D0=B0=D0=BC=D0=B5=D1=80=D0=B8=D0=BA=D1=83, =D0=BD=D0=BE =D0=BC=D0= =BE=D0=B6=D0=B5=D1=82 =D0=BA=D0=BE=D0=BC=D1=83 =D0=BF=D1=80=D0=B8=D0=B3=D0= =BE=D0=B4=D0=B8=D1=82=D1=81=D1=8F =D0=98 =D1=82=D0=B0=D0=BA - =D0=B8=D0=BC=D0=B5=D0=B5=D0=BC: openvz VE =D0=B2 =D0=BA=D0=BE=D1=82=D0=BE=D1=80=D0=BE=D0=BC openvpn =D1=81= =D0=B5=D1=80=D0=B2=D0=B5=D1=80. =D0=A6=D0=B5=D0=BB=D1=8C. =D0=94=D0=B0=D1= =82=D1=8C =D0=B4=D0=BE=D1=81=D1=82=D1=83=D0=BF =D0=BF=D0=BE vpn =D0=BA =D0= =BB=D0=BE=D0=BA=D0=B0=D0=BB=D1=8C=D0=BD=D0=BE=D0=B9 =D1=81=D0=B5=D1=82=D0=BA=D0=B5. 1. =D1=81=D0=B5=D1=80=D0=B2=D0=B5=D1=80 vpn =D1=81=D1=82=D0=B0=D0=B2=D0=B8= =D0=BC =D0=BA=D0=B0=D0=BA =D0=BD=D0=B0=D0=BF=D0=B8=D1=81=D0=B0=D0=BD=D0=BE = =D0=B2 http://openvpn.net/index.php/open-source/documentation/howto.html 2. =D0=BF=D0=BE=D1=82=D0=BE=D0=BC =D0=B4=D0=B5=D0=BB=D0=B0=D0=B5=D0=BC =D0= =BA=D0=B0=D0=BA =D1=81=D0=BA=D0=B0=D0=B7=D0=B0=D0=BD=D0=BE =D0=B2 http://wiki.openvz.org/VPN_via_the_TUN/TAP_device 3. =D0=B4=D0=B0=D0=BB=D0=B5=D0=B5 =D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D1= =8F=D0=B5=D0=BC =D0=BC=D0=B0=D0=B3=D0=B8=D1=87=D0=BD=D1=83 =D1=81=D1=82=D1= =80=D0=BE=D1=87=D0=BA=D1=83 =D0=B2 iptables *VE =D1=81 vpn* (=D0=B5=D1=81= =D0=BB=D0=B8 =D0=BD=D0=B5 =D0=BF=D0=BE=D0=BB=D1=83=D1=87=D0=B0=D0=B5=D1=82=D1=81=D1=8F =D1=82=D0=BE = =D1=81=D0=BC. =D1=81=D1=81=D1=8B=D0=BB=D0=BA=D0=B8 =D0=BF.2) iptables -t nat -A POSTROUTING -o venet0 -s <=D0=BD=D0=B0=D1=88=D0=B0 = vpn =D1=81=D0=B5=D1=82=D0=BA=D0=B0> -j SNAT --to-source =D0=B2=D1=80=D0=BE=D0=B4=D0=B5 =D0=BD=D0=B5 =D0=B7=D0=B0=D0=B1=D1=8B=D0= =BB =D0=BD=D0=B8=D1=87=D0=B5=D0=B3=D0=BE. =D0=9D=D1=83.. =D0=B0, =D0=B2=D0= =BE=D0=B7=D0=BC=D0=BE=D0=B6=D0=BD=D0=BE (=D1=87=D0=BE=D1=80=D1=82 =D0=BD=D0= =B5 =D0=BF=D0=BE=D0=BC=D0=BD=D1=8E) =D0=B5=D1=89=D0=B5 =D0=BD=D0=B0 HN =D0=BD=D0=B0=D0=B4=D0=BE =D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D1=82=D1=8C: ip route add <=D0=BD=D0=B0=D1=88=D0=B0 vpn =D1=81=D0=B5=D1=82=D0=BA=D0=B0= > via dev venet0 --=20 WBR,=D0=90=D0=BB=D0=B5=D0=BA=D1=81=D0=B5=D0=B9 =D0=9C=D0=BE=D1=80=D1=81=D0= =BE=D0=B2 =D0=BF=D1=80=D0=BE=D0=B3=D1=80=D0=B0=D0=BC=D0=BC=D0=B8=D1=81=D1=82 =D0=97= =D0=90=D0=9E "=D0=98=D0=9A "=D0=A0=D0=B8=D0=BA=D0=BE=D0=BC-=D0=A2=D1=80=D0= =B0=D1=81=D1=82" Jabber: samurai@www.fondmarket.ru ALT Linux Team Member =D0=95=D1=81=D1=82=D1=8C =D1=82=D1=83=D1=82 =D1=83 =D0=BC=D0=B5=D0=BD=D1=8F= =D0=B2=D0=BE=D0=B7=D0=BC=D0=BE=D0=B6=D0=BD=D0=BE=D1=81=D1=82=D1=8C =D0=B2= =D1=8B=D0=BF=D1=80=D0=BE=D1=81=D0=B8=D1=82=D1=8C =D0=B6=D0=B5=D0=BB=D0=B5= =D0=B7=D0=BD=D1=8B=D0=B5 IP-=D1=82=D0=B5=D0=BB=D0=B5=D1=84=D0=BE=D0=BD=D1=8B =D0=BF=D0=BE=D1=82=D0=B5=D1=81=D1=82=D0=B8=D1=80=D0=BE=D0=B2=D0=B0=D1=82=D1= =8C, =D0=BD=D0=BE =D0=BA=D0=BE=D1=88=D0=BA=D1=83 =D1=81 =D0=B3=D0=BE=D0=BB= =D0=BE=D1=81=D0=BE=D0=BC =D0=BC=D0=BD=D0=B5 =D0=BD=D0=B8=D0=BA=D1=82=D0=BE = =D0=BD=D0=B5 =D0=B4=D0=B0=D1=81=D1=82. -- alb in devel@ --k1lZvvs/B4yU6o8G Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJK8xFiAAoJEKYzuLoFSr5ycpcIAIdtohQdHxJfIKxtB37rxWnj 8Y4/x7ll3YyBoTIJB46eHLfrdvZ9W65cUW55SsHdcCQb4mRFZ8UzmEbVGV27H0Lq dMwpGe96vp6BQF2X5nLkKiQQAcf0wu+we7w9Vj7lw/lQEn0axiZjb0HU2cUdQ0cG Pynm/ZrBtwwkrCRxA53nUzH4Xj3xTCSbDaKpK9r3Nb4RMTbLNyaaiiSIz63X4hqW H/VmGOEmoU3CAxBWn9I313VN8pJfkCL2rO82KvfypAF+V2IyqtB4ddqpYzmCLNEn dSp4F+Xyi5CjrBpJWZPmvc18L/ctrPA6UgPy8EQlNnIs/2LV/+y7GZ2I3l6inKc= =iIiA -----END PGP SIGNATURE----- --k1lZvvs/B4yU6o8G--