There must be something else going on. Can you run
sudo tcpdump -eni any tcp port 22
while you try to connect the SSH, both with and without the VPN running, and post the output?
Type: Posts; User: The Cog; Keyword(s):
OK, Got it. This works - I verified with tcpdump that I can change the next-hop MAC address the packets are sent to:
# Make a new routing table with a different default route
ip route add default...
Hmm, I'm having difficulty finding good documentation on iptables and which filter tables can be used when. But I don't think output packets from the local PC actually pass through the PREROUTING...
If you want to send different protocols in different directions, I think you need to set up different routing tables and mark packets as to which forwarding table they should use. Remember that you...