Last active
May 19, 2026 08:00
-
-
Save ninlith/465834a440ce1d6bbfa482b09f497dee to your computer and use it in GitHub Desktop.
Transfers OpenVPN tunnel interface to a network namespace as its only non-localhost interface.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Transfers VPN tunnel interface to a network namespace as its only | |
| # non-localhost interface. | |
| # | |
| # Based on <https://github.com/slingamn/namespaced-openvpn>. | |
| ip netns add protected | |
| ip netns exec protected ip link set lo up | |
| openvpn "$@" --ifconfig-noexec --route-noexec --script-security 2 \ | |
| --dev tun --dev-type tun --disable-dco \ | |
| --route-up '/bin/sh -c "sudo ip link set $dev netns protected; \ | |
| sudo ip netns exec protected ip link set $dev up; \ | |
| sudo ip netns exec protected ip addr add $ifconfig_local peer $route_vpn_gateway/32 dev $dev; \ | |
| sudo ip netns exec protected ip route add default dev $dev"' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment