The task at hand: route traffic from different processes to 2 distinct wifi adapters. The first adapter is connected to a normal wifi network, the second to a router with a persistent VPN connection. I need to be able to choose which process uses which adapter.
I searched for a solution and found a very similar one here: http://superuser.com/questions/271915/route-the-traffic-over-specific-interface-for-a-process-in-linux/1048913
So I adapted that solution a little to suit my needs and summarized my changes below.
You have to replace several things in this script. First of all, the user name: mine is kr0st, which is not a terrible secret 🙂 Anyway, it should be replaced with yours.
My second wifi adapter is called “wlx001ee5ef5604” by the OS; most likely your second network adapter is named differently.
Finally, this is my gateway for the second wifi: 192.168.2.1. Yours could be different as well.
Please note that the script resets everything you have in your iptables! Change it if you can’t allow the script to do that. The script should be run as root, btw.
As a final step, the script runs an instance of Firefox in which you can search for “my ip” and see whether traffic really goes via this route and not the default one.
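```bash
#!/bin/bash
# Must be run as root.

# Create the net_cls cgroup and give its traffic a class ID.
mkdir -p /sys/fs/cgroup/net_cls/vpnonly
cd /sys/fs/cgroup/net_cls/vpnonly || exit 1
echo 0x00110011 > net_cls.classid

# WARNING: this wipes all existing iptables rules and chains.
iptables --flush
iptables --table nat --flush
iptables --delete-chain

# Mark packets coming from the cgroup and NAT them out of the second adapter.
iptables -t mangle -A OUTPUT -m cgroup --cgroup 0x00110011 -j MARK --set-mark 11
iptables -t nat -A POSTROUTING -m cgroup --cgroup 0x00110011 -o wlx001ee5ef5604 -j MASQUERADE

#!Run next line only once, all subsequent script calls should have it disabled
#echo 11 vpnonly >> /etc/iproute2/rt_tables

# Send marked packets to the vpnonly table, whose default route is the second gateway.
ip rule add fwmark 11 table vpnonly
ip route add default via 192.168.2.1 table vpnonly

# Disable reverse-path filtering on all interfaces.
for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 0 > "$i"; done

# Give user kr0st ownership of the cgroup and its tasks file, then start Firefox in it.
# (Firefox runs as root here, because the script does.)
cgcreate -t kr0st:kr0st -a kr0st:kr0st -g net_cls:vpnonly
cgexec -g net_cls:vpnonly firefox &
```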
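The "my ip" search confirms the route once. The following is an added example, not part of the original script, that checks the three things the setup depends on: the fwmark rule, a default route in the vpnonly table (if that table is empty, marked packets fall through to the main table and leave via the normal adapter), and the process's cgroup membership. The function names are hypothetical; the mark, table, cgroup and device names are the ones used above.

```shell
#!/bin/bash
# Added example: checks for the vpnonly setup (function names are hypothetical).
# The helpers take command output as text so they also work on saved output.
MARK_HEX=0xb      # fwmark 11 from the script, as `ip rule show` prints it
TABLE=vpnonly
CGROUP=vpnonly

# True if `ip rule show` output ($1) sends marked packets to the table.
has_mark_rule() {
    printf '%s\n' "$1" |
        grep -Eq "fwmark ${MARK_HEX}(/0x[0-9a-f]+)? lookup ${TABLE}( |\$)"
}

# True if `ip route show table vpnonly` output ($1) has a default route on
# device $2. With an empty table, marked packets fall through to main.
has_default_route() {
    printf '%s\n' "$1" | grep -Eq "^default via [0-9.]+ dev $2( |\$)"
}

# True if /proc/PID/cgroup text ($1) puts the process in net_cls:/vpnonly.
# net_cls is often co-mounted, e.g. "net_cls,net_prio".
in_vpn_cgroup() {
    printf '%s\n' "$1" |
        grep -Eq "^[0-9]+:([^:]*,)?net_cls(,[^:]*)?:/${CGROUP}\$"
}

# audit RULES ROUTES CGROUP_TEXT DEV: prints each failure, non-zero on any.
audit() {
    rc=0
    has_mark_rule "$1" || { echo "FAIL: no fwmark rule for $TABLE"; rc=1; }
    has_default_route "$2" "$4" ||
        { echo "FAIL: $TABLE has no default route on $4"; rc=1; }
    in_vpn_cgroup "$3" || { echo "FAIL: not in net_cls:/$CGROUP"; rc=1; }
    return "$rc"
}

# Live use on the machine itself: check_live PID DEV
check_live() {
    audit "$(ip rule show)" "$(ip route show table "$TABLE" 2>/dev/null)" \
          "$(cat "/proc/$1/cgroup")" "$2"
}
```

After sourcing the file, `check_live "$(pgrep -o firefox)" wlx001ee5ef5604` runs the checks against the live system; it assumes cgroup v1, as the script does.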