本来用浏览器插件+ss翻墙翻的好好的,结果最近不知道哪里抽风,一访问google就给我跳转到”We are sorry”页面,提示说电脑自动向google发送了一些奇怪的东西,不过使用vpn则没有这个问题。

但使用vpn则无法访问公司内网,关于这点mac上处理的就非常好,当同时使用多个vpn时mac会自动根据访问目标不同而切换不同的vpn线路。既然fedora上没有自动切换功能,但同为的*unix系统肯定是有解决办法的。

目标:使用vpn翻墙同时能访问公司内网

达成目标的核心原理就是路由表,未使用vpn时路由表如下:

1
2
3
4
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 1024 0 0 enp2s0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp2s0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0

当链接vpn后路由表变化为:

1
2
3
4
5
6
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 1024 0 0 ppp0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp2s0
192.168.3.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
198.74.121.155 192.168.0.1 255.255.255.255 UGH 0 0 0 enp2s0

同时网卡信息如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
inet 192.168.0.37 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::b283:feff:fe9c:474b prefixlen 64 scopeid 0x20<link>
ether b0:83:fe:9c:47:4b txqueuelen 1000 (Ethernet)
RX packets 202847 bytes 212380485 (202.5 MiB)
RX errors 0 dropped 276 overruns 0 frame 0
TX packets 110180 bytes 12264625 (11.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 8165 bytes 8007889 (7.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8165 bytes 8007889 (7.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1400
inet 192.168.3.220 netmask 255.255.255.255 destination 192.168.3.1
ppp txqueuelen 3 (Point-to-Point Protocol)
RX packets 81 bytes 42977 (41.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 92 bytes 17147 (16.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

既然原理就是添加路由信息,那么使用route add命令即可,指定4段网络使用原来的0.1:

1
sudo route add -net 192.168.4.0 netmask 255.255.255.0 gw 192.168.0.1 dev enp2s0

添加后如下:

1
2
3
4
5
6
7
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 1024 0 0 ppp0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp2s0
192.168.3.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.4.0 192.168.0.1 255.255.255.0 UG 0 0 0 enp2s0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
198.74.121.155 192.168.0.1 255.255.255.255 UGH 0 0 0 enp2s0

这样再访问4段内网就可以了。