How to redirect traffic of only 1 site through VPN?

I

Ivan2020-01-24 13:44:38

VPN

Ivan, 2020-01-24 13:44:38

Hello. I write a bot in Telegram. The server is at my house. Due to the fact that the cart is blocked on the territory of the Russian Federation, it was necessary to cut the VPN on the server earlier. But half of the functions did not work in the bot, since they need a Russian ip address to work. I want to redirect only the site api.telegram.org via VPN, but I don’t know how to make MB via OpenVPN?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Sergey Pankov, 2020-01-24
@trapwalker

We solved the issue of access to the telegram API like this.
The standard cart API domain for bots is blocked by roscopozor, so the domain for accessing the API has been changed in the config of our bot.
Our VDS outside the jurisdiction of Roskompozor in the nginx config had the following entry:

server {
    listen tg.my_own_domain.ru:8079;
    server_name tg.my_own_domain.ru;
    access_log /var/log/nginx/tg.my_own_domain.ru-access.log;
    error_log /var/log/nginx/tg.my_own_domain.ru-error.log;
    location / {
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass https://api.telegram.org/;
        client_max_body_size 100M;
    }
}

S

sts, 2020-01-24
@stunoff

I added this to my openvpn config.
I found most of the addresses in Google - they are all with a mask of 255.255.255.0, and perhaps there will be extra ones. And the ips that he himself added come with a mask of 255.255.255.255 - that's exactly what they all need. As a result, my vpn works essentially only for the cart, if you get confused and delete extra ips, it will be fine in general.
# config for carts
route 104.19.198.151 255.255.255.255
route 104.22.1.43 255.255.255.255
route 108.177.14.100 255.255.255.255
route 149.154.160.0 255.255.255.0
route 149.154.164.0 255.255.255.0
route 149.154.167.0 255.255.255.0
route 149.154.168.0 255.255.255.0
route 149.154.171.0 255.255.255.0
route 149.154.172.0 255.255.255.0
149.154.175.0 255.255.255.0
route route 151.101.1.0 255.255.255.0
route 169.55.60.0 255.255.255.0
route 172.217.22.0 255.255.255.0
route 173.194.220.0 255.255.255.0
route 173.194.222.0 255.255.255.0
route 173.194.73.95 255.255.255.255
route 255.255.255.255
173.194.76.188 route 18.184.99.129 255.255.255.255
route 198.252.206.25 255.255.255.255
route 216.239.32.107 255.255.255.255
route 216.239.34.107 255.255.255.255
route 216.239.36.107 255.255.255.255
route 216.239.38.107 255.255.255.255
route 216.58 .211.3 255.255.255.255
route 31.13.72.52 255.255.255.255
route 52.6.232.194 255.255.255.255
54.93.254.234 255.255.255.255
route route 64.233.161.188 255.255.255.255
route 64.233.165.188 255.255.255.255
route 74.125.205.188 255.255.255.255
route 74.125.206.188 255.255.255.255
route 74.125.71.188 255.255.255.255
route 91.108.12.0 255.255.255.0
route 255.255.255.0
91.108.16.0 route 91.108.4.0 255.255.255.0
route 91.108.56.0 255.255.255.0
route 91.108.8.0 255.255.255.0
route 94.31.29.138 255.255.255.255
route 95.101.142.43 255.255.255.255
route metric 50-
route-nopull

K

Karpion, 2020-01-24
@Karpion

Your server has two IP addresses - from the provider and from the VPN. Open a connection to api.telegram.org - it is necessary from the VPN.
Well, you need to make route add ...sure that packets on api.telegram.org go to the VPN.