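#!/bin/bash
#
# Confine qBittorrent to a dedicated network namespace ("vpn") whose traffic
# is meant to leave the host only through a WireGuard tunnel.
#
# Layout:
#   root namespace : v-eth1  10.200.1.1/24  (gateway for the namespace)
#   vpn namespace  : v-peer1 10.200.1.2/24  (default route via 10.200.1.1)
#
# Environment:
#   WAN_IF - uplink interface in the root namespace (default: eth0)
#
# The script is not idempotent: on a second run the `ip netns add` and
# `ip link add` steps fail because the objects already exist.

# Uplink interface; the original hard-coded eth0, which stays the default.
wan_if=${WAN_IF:-eth0}

#######################################
# Append a line to a root-owned file unless an identical line is present.
# Arguments: $1 - exact line to add, $2 - target file
# Why: `sudo echo ... >> file` does not work for an unprivileged caller,
#      because the redirection is opened by the calling shell, not by sudo.
#######################################
append_line_once() {
  local line=$1
  local file=$2
  sudo grep -qxF -- "$line" "$file" 2>/dev/null \
    || printf '%s\n' "$line" | sudo tee -a "$file" >/dev/null
}

# --- Namespace and veth pair -------------------------------------------------

# Create the vpn network namespace.
sudo ip netns add vpn

# Create the veth pair and move one end into the namespace.
sudo ip link add v-eth1 type veth peer name v-peer1
sudo ip link set v-peer1 netns vpn

# Address and bring up the root-namespace end.
sudo ip addr add 10.200.1.1/24 dev v-eth1
sudo ip link set v-eth1 up

# Address and bring up the namespace end, plus its loopback.
sudo ip netns exec vpn ip addr add 10.200.1.2/24 dev v-peer1
sudo ip -n vpn link set v-peer1 up
sudo ip -n vpn link set lo up

# Default route of the namespace points at the root namespace.
# NOTE(review): this route is also the leak path. If the WireGuard interface
# goes down after start-up, traffic from the namespace can leave through
# ${wan_if} unencrypted, because the FORWARD rules below accept everything
# coming from v-eth1. To get a kill switch, accept only the tunnel's own UDP
# flow instead, for example (placeholders, not values from this script):
#   iptables -A FORWARD -i v-eth1 -o "$wan_if" -p udp \
#     -d <WG_ENDPOINT_IP> --dport <WG_ENDPOINT_PORT> -j ACCEPT
sudo ip -n vpn route add default via 10.200.1.1

# --- IP forwarding -----------------------------------------------------------

# Enable forwarding now (written through tee so the write happens as root)
# and persist it without duplicating the line on every run.
printf '1\n' | sudo tee /proc/sys/net/ipv4/ip_forward >/dev/null
append_line_once "net.ipv4.ip_forward = 1" /etc/sysctl.conf

# --- iptables ----------------------------------------------------------------

# FORWARD: default DROP, then start from an empty chain.
# NOTE(review): flushing FORWARD and the whole nat table also removes rules
# installed by other software on the host (container runtimes, libvirt,
# port forwards). Confirm nothing else depends on them.
sudo iptables -P FORWARD DROP
sudo iptables -F FORWARD
sudo iptables -t nat -F

# Masquerade traffic from the namespace subnet on the uplink.
sudo iptables -t nat -A POSTROUTING -s 10.200.1.0/24 -o "$wan_if" -j MASQUERADE

# Allow forwarding between the uplink and v-eth1 in both directions.
# NOTE(review): the inbound rule is stateless; return traffic alone would be
# covered by `-m conntrack --ctstate RELATED,ESTABLISHED`.
sudo iptables -A FORWARD -i "$wan_if" -o v-eth1 -j ACCEPT
sudo iptables -A FORWARD -o "$wan_if" -i v-eth1 -j ACCEPT

# Allow all locally generated output traffic.
sudo iptables -P OUTPUT ACCEPT

# --- DNS inside the namespace ------------------------------------------------

# `ip netns exec vpn` bind-mounts /etc/netns/vpn/resolv.conf over
# /etc/resolv.conf, so processes in the namespace use these resolvers.
sudo mkdir -p /etc/netns/vpn
printf '%s\n' "nameserver 1.1.1.1" "nameserver 1.0.0.1" \
  | sudo tee /etc/netns/vpn/resolv.conf >/dev/null

# --- WireGuard and qBittorrent -----------------------------------------------

# Start qBittorrent only if the tunnel came up. This guards start-up only;
# see the kill-switch note at the default route for a tunnel that drops later.
# NOTE(review): $USER is expanded by this shell. If the script itself is
# started through sudo, USER is typically root and qBittorrent would run as
# root; ${SUDO_USER:-$USER} would keep it unprivileged.
sudo ip netns exec vpn wg-quick up NAME_OF_CONFIG_FILE \
  && sudo ip netns exec vpn runuser "$USER" -c "qbittorrent"

# --- Host DNS ----------------------------------------------------------------

# Add the local network's DNS (192.168.0.1) to the host resolver list.
# Runs after qBittorrent exits, since the command above is in the foreground.
# NOTE(review): if /etc/resolv.conf is managed by a resolver service, this
# edit may be overwritten; the line is appended, so it is consulted last.
append_line_once "nameserver 192.168.0.1" /etc/resolv.conf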