I’ve been looking into signing up for a VPN soon to run on my home server, for which I use a freedns domain name for access outside my home network. As such I need to have some traffic (mostly just a curl cronjob to let freedns know my ip) travel around the VPN; as I understand it, without a workaround I would be sending freedns the ip of my VPN service, which won’t help anybody.
From what I can tell my options are either a chroot jail using chroot, arch-chroot, or systemd-nspawn, or I could use iptables. At a google glance it seems like iptables would be a much more involved solution, and most of the walkthroughs I’ve found for this seem written by folks who don’t seem very confident in their knowledge of the tool. Seeing as how I’m not particularly familiar with iptables myself I’m leaning more towards the chroot jail, but I worry that it may consume too many system resources. I’m also unsure which option would be best for said jail; it seems like nspawn is the preferred method from the wiki, but I’m willing to listen to suggestions.
Thank you That opened up a whole new world of systemd containers for me. Also, it was nice to see appreciation for NUC. I too own it and it feels great to flaunt it…
This was beyond helpful! Thank you, very much. If you wouldn’t mind keeping this video up for a while, I have a flight soon and won’t get a chance to play around until later today. Can’t wait to try it out
Thank you for the reply! I’m still not particularly confident in my understanding of how to do this, but I really want to know (mostly for my own edification). Am I allowed to use a url for the destination IP, thus allowing me to simply copy the url that I target with curl? I’m not entirely sure what the gateway should look like, but would using the local ip of my router work? Or is there some internal target I should use?
This seems like it should work based on my limited knowledge, but would it?
No. Routing tables only operate on ip addresses. You will need to determine the ip(s) used by the domain. One way is with the drill command: “drill www.google.com”
That opened up a whole new world of systemd containers for me. Also, it was nice to see appreciation for NUC. I too own it and it feels great to flaunt it…