All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Proxy/VPN torrent
I would like to run my torrent client behind a proxy / VPN set up on another server of mine.
I'm using Deluge on Debian as torrent client and I've already tried to use the SOCKS proxy by SSHing to the other server but it partially works:
- With Deluge 1.3.3 / python-libtorrent 0.15.10 / Debian Wheezy: UDP doesn't work at all, so if torrent trackers are only UDP it will never start.
- With Deluge 1.3.6 / python-libtorrent 0.16.17 / Debian Sid: UDP works and if I check the announced IP with http://ipleak.net I see the proxy IP. However the IPv6 address is the real one and once the torrent is started the normal IPv4 is used to send data between peers.
Since torrent clients and proxies doesn't seems to go well together I would like to use a VPN but it should be applied only on the torrent client and not to all the server traffic.
I've read that it's possible with iptables to forward all traffic of a specific user to OpenVPN but I have no idea how to do it.
The other solution could be to run them in a OpenVZ container where the VPN get applied globally, but I'm not sure how should the NAT on the host configured as the traffic should go trough the VPN.
Comments
Hi,
it's definitely possible with iptables.
I used the following setup to proxy all traffic from the user "yacy" through a VPN on 10.10.0.0/24.
Some explanations:
tun1
and has the IP10.10.0.10
yacy
eth0
)Note: You may want to run the same iptables-rules for IPv6.
If someone else has a better solution, please let me know
The best,
gehaxelt
make a virtualbox , setup vpn
Oh, please no. We hackers are too lazy for that. :P
http://unix.stackexchange.com/questions/66203/how-do-i-route-traffic-through-specific-interface-for-a-specific-process
http://unix.stackexchange.com/questions/28571/redirect-traffic-through-vpn-on-an-as-needed-basis
Might give more insight to @gehaxelt's suggestion. Hopefully you are running deluge under a dedicated and restricted user. And you also need to make sure that OpenVPN is not pushing default gateways.
@gehaxelt awesome, thank you. I've used Nyr openvpn setup script, added "route-nopull" to the config file and ran your commands.
I'm now trying to access the WebUI which runs on port 8112 but it doesn't work
If I try to ping/traceroute 10.8.0.6 it doesn't work either.
About IPv6 I'm not sure if OpenVPN supports it, the test VPS I'm using doesn't have IPv6 so I can't test it now.
I've found this snipped on deluge forums (which assume a configured port set):
But with the VPN wouldn't the incoming UDP packets get blocked anyway if no forwarding is set-up?
Hi,
well there are a lot of things that can fail/make the ping/traceroute inoperable.
I assume that OpenVPN establishes the connection without problems?
Not sure if I can help you. Maybe you could provide some more information:
On the VPN host:
On the VPN client:
What is the ouput of:
As which user are you trying to ping the VPN host? Did you adjust the iptable-statements correctly?
The best,
gehaxelt
Yes the setup works fine. It connects correctly to OpenVPN and traffic from the specified user go trough the VPN.
Host (VPN server)
Client
What I'm trying to do now is to forward port 8112 to the client, but when I try to ping/traceroute the client IP (10.8.0.6) from the host it can't connect.
From client to server
From server to client
Hmm, that's strange.
Are there any iptable-restrictions on the client?
There shouldn't be any
If I ping/traceroute the public IPv4 of the client it works
If it can help:
Host (OpenVZ VPS)
Client (VMware VPS)