[CentOS] IP forwarding and OpenVPN

Thu Nov 4 15:09:43 UTC 2010
Bart Schaefer <barton.schaefer at gmail.com>

On Thu, Nov 4, 2010 at 7:56 AM, Emmett Culley <emmett at webengineer.com> wrote:
> On 11/04/2010 07:50 AM, Bart Schaefer wrote:
>> Maybe the simplest thing is to change the question:  How can I cause
>> packets forwarded from my LAN to avoid the VPN and go out via the
>> regular default route?
> You can ad a line like:
> push "route"
> to the server's configuration file.

Thanks for the suggestion, but (1) I don't have control of the server
configuration and (2) I'm not sure that would work anyway, as what I
want is for packets that come *from* network to (not) be
routed over the VPN, except for those that originate from  Do I misunderstand what that push command will

Regarding (1) I do have a local openvpn-startup script that runs when
the VPN comes up, to which I could add my own route or iptables
commands.  In fact it currently contains:
  iptables -A FORWARD -i tun+ -j ACCEPT
which I should have mentioned before.