Hello all,

I'm going to subscribe to a VPN service so I can encrypt all my data and hide my IP.

Basically, here's how I want to set things up:
                                 |--[eth1]--> Internet
LAN <--[eth0]--> Linux router <--|
                                 |--[tun0]--> (VPN server) <---> Internet

The rules should be as follows:
  • Everything that goes in one interface should come out the same interface
  • LAN traffic to the Internet should be NAT'ed to tun0
  • Except if some criteria are met (source IP and/or destination port), in which case it should be NAT'ed to eth1

I think this is relatively easy to set up with iproute2 and iptables.

However, I'm pretty certain I'd be reinventing the wheel. Surely there is already software or a set of scripts to accomplish this?

Ideally, I'd like to be able to set up a list of VPN servers in case one of them isn't available. If for some reason no VPN connection is available at all, then everything should be NAT'ed to eth1, but in that case I'd like to receive an alarm by mail or SMS or something.

Can anyone point me to some resources? I'd be very grateful!
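
One way to express the three rules listed in the post with iproute2 and iptables, as an added example that is not part of the original post. It assumes the VPN client installs the default route through tun0 in the main table (as OpenVPN's `redirect-gateway` does); the addresses, ports, mark value and table number are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the original post). Interface names follow the post;
# every address, port and number below is a constructed placeholder.
LAN_IF=eth0; WAN_IF=eth1; VPN_IF=tun0
WAN_GW=192.0.2.1            # next hop on eth1
WAN_IP=192.0.2.10           # the router's own address on eth1
DIRECT_SRC="192.168.1.50"   # LAN hosts that bypass the VPN (space separated)
DIRECT_DPORTS="25,5060"     # TCP destination ports that bypass the VPN
MARK=0x1; TABLE=100

# Assumption: the VPN client puts the default route via tun0 in the main
# table, so unmarked LAN traffic already leaves through the VPN.
build_rules() {
  # Loose reverse-path filter on eth1: replies to marked traffic would fail a
  # strict check, because the main table points at tun0.
  echo "sysctl -w net.ipv4.conf.$WAN_IF.rp_filter=2"
  # Table 100 only knows the direct uplink; marked packets are looked up there.
  echo "ip route replace default via $WAN_GW dev $WAN_IF table $TABLE"
  echo "ip rule add fwmark $MARK lookup $TABLE priority 100"
  # The router's own replies from its eth1 address also leave via eth1.
  echo "ip rule add from $WAN_IP lookup $TABLE priority 101"
  m="iptables -t mangle -A PREROUTING"
  # Packets of a known connection get that connection's mark back first.
  echo "$m -i $LAN_IF -j CONNMARK --restore-mark"
  # Connections that come in on eth1 are tagged so LAN replies go out eth1.
  echo "$m -i $WAN_IF -m conntrack --ctstate NEW -j CONNMARK --set-mark $MARK"
  # Exceptions: source IP and/or destination port go direct instead of tun0.
  for src in $DIRECT_SRC; do
    echo "$m -i $LAN_IF -s $src -j MARK --set-mark $MARK"
  done
  echo "$m -i $LAN_IF -p tcp -m multiport --dports $DIRECT_DPORTS -j MARK --set-mark $MARK"
  # Remember the decision for the rest of the connection.
  echo "$m -i $LAN_IF -m mark --mark $MARK -j CONNMARK --save-mark"
  # NAT to whichever uplink the routing decision picked.
  for out in $VPN_IF $WAN_IF; do
    echo "iptables -t nat -A POSTROUTING -o $out -j MASQUERADE"
  done
}

# Dry run: print the commands for review.
build_rules
```

The script only prints the commands; review them and pipe the output to `sh -e` as root to apply them.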