[strongSwan] Forcing all traffic from a specific user to use Strongswan

Phil Frost phil at postmates.com
Thu May 17 15:16:48 CEST 2018


One way to go would be configuring a route based VPN[1]. Then you can use
all kinds of Linux routing tricks to get just that user's traffic over the
VPN by directing it to the vti interface. For example you could launch that
user's processes in a network namespace, or use the "owner" module of
iptables to match traffic from processes run as that user and mangle them
to use the VPN.

  [1]: https://wiki.strongswan.org/projects/strongswan/wiki/RouteBasedVPN

On Thu, May 17, 2018 at 9:25 AM Gilles Printemps <gprintemps at gmail.com>
wrote:

> Hi,
> Is there a way to force all the traffic from a specific linux user to be
> routed through the VPN?
> I would like to use the split tunnelling but I don't understand how to
> configure Strongswan?
>
> Thanks for your help / BR Gilles
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180517/e37f1ccd/attachment.html>


More information about the Users mailing list