On Fri, 2017-01-27 at 23:55 +0000, Patrick O'Callaghan wrote:
On Fri, 2017-01-27 at 14:53 -0800, Mike Wright wrote:
> On 01/27/2017 02:36 PM, Patrick O'Callaghan wrote:
> > I have a subscription to a commercial VPN provider and would like to
> > configure certain applications to always use VPN connections as far as
> > the provider while everything else goes through as normal. Note that
> > this needs to work for arbitrary remote sites so the VPN is basically
> > acting as a proxy rather than me controlling both ends of the
> > connection, so e.g. an SSH tunnel won't do it.
> >
> > I looked into this a while ago and there are several suggestions on the
> > Web as to how to do this on Linux, but those I tried didn't work for
> > me. At least one idea seemed to involve setting up an alternate network
> > name space with its own routing, but it's been a while and I'm afraid
I
> > didn't take note of the details.
>
> Hi Patrick,
>
> Stéphane Graber of Ubuntu's LXC/D container world has done several
> things with VPN from passing the vpn to a container where the container
> sees it as just another eth device, to managing his sundry VPN
> connections via namespacing.
>
> His words:
>
> """
> The code is available at: git clone
>
git://github.com/stgraber/vpn-container. Then it’s as simple as:
> ./start-vpn VPN-NAME CONFIG
> """
>
> The approach is discussed at
https://www.stgraber.org/category/lxc/.
> Search for VPN in containers for the specific section.
Thanks. The versions I'd seen before didn't involve containers but I'll
take a look.
Decided to try this, but there's a dependency on something called
uidmap which doesn't seem to exist for Fedora (according to both dnf
search and Google).
Other ideas are welcome.
poc