How to send HTTP request issued by cURL through VPN?
for accessing only certain websites
Really the simlpest way to do this would be via HTTP proxies - and push the routing choices out to the berowser via a PAC file.
or when the ISP for Server-A is down for some reason
That needs a very different solution - using routing (either in iptables or via iproute2).
The VPN isn't actually required - but if you want to run a remote HTTP proxy and not have it used by every interent fraudster who can find it (*) then you MUST have some method for restricting client access to the service - a VPN is a good way way to achieve that.
*) I now see more attempts to find open web proxies than open SMTP relays on the boxes I look after
Related videos on Youtube
maringtr
Updated on September 18, 2022Comments
-
maringtr over 1 year
Please excuse me for (probably) the noob question, but I am very new to Linux networking. I've already spent a few days searching the Internet for an answer to my question, but was unable to find one, so I decided to post a question over here, because I know a lot of skilled professionals visit this site.
Anyway, on to the actual question: I have two servers available. Let's call them Server-A and Server-B. I have established a VPN tunnel between Server-A and Server-B using OpenSWAN. I have assigned the source IPs: 192.168.2.1 for Server-A and 172.16.2.1 for Server-B. I am successfully able to ping 172.16.2.1 from Server-A and 192.168.2.1 from Server-B, so I'm assuming I've set the VPN up properly and both servers are able to communicate.
Now, on Server-A, I want to be able to do this:
When I issue an HTTP request through libcurl like this:
I'd want to see the request going out through Server-A's public IP address.
However, when I issue:
curl --interface 192.168.2.1 same_url_as_in_the_above_request
I'd want the request to go through the VPN, in order to use Server-B's Internet access, so I would expect to see Server-B's public IP address listed in the checkip response.
Right now, when I issue a request like this, I'm receiving the following error:
curl(7) : couldn't connect to host
What can I do to achieve this, or am I entirely on the wrong path? All I want to be able to do is use Server-B's Internet access from Server-A for accessing only certain websites, or when the ISP for Server-A is down for some reason. I don't need to automate that, just want to be able to do this manually, whenever needed.
I'd suppose I'd need to do some routing or NAT, but I have no idea what to do exactly - I've read a lot of materials in the past couple of days, but it's hard for me to figure out what the exact iptables and/or route commands should look like, and if at all setting up a VPN is the correct solution.
I'm really hoping someone here will be able to give me an advice, and I'm really sorry if I made you all laugh with a noob question like this.
Best regards!
-
Danie about 11 yearsWhat if you specified the VPN interface instead of the IP?
-
maringtr about 11 yearsSame thing: curl(7) : couldn't connect to host
-
-
maringtr about 11 yearsI prefer not to run an HTTP proxy, so I'm rather pursuing the latter solution. Can you please give me (or link me to) an example on what routing rules I have to use in iptables?