How to forward hostapd (access point) traffics to VPN

/usr/sbin/ip route add default dev [dev.vpn] table [tbl.no]
/usr/sbin/ip rule add iif [dev.ap] table [tbl.no]

[dev.vpn] is a vpn device name. (e.g. tun0)
[dev.ap] is an access point (wlan) device name. (e.g. wlan0)
[tbl.no] is a desired table number which is not reserved, and can be replaced by string name if you add one in /etc/iproute2/rt_tables

to disable VPN forwarding,

/usr/sbin/ip route flush table [tbl.no]

Leave a Reply