- 07-15-2011 #1
iptables specific ip routing via tun
hi guys!
I was searching few days for a solution to my problem but haven't found one or I'm too dumb to understand.
Here's what happened:
I have a Linux server used as a router. It has an eth0 and eth1 (local interface). I just installed OpenVPN (I need it only as a client), configured it and ran it. It connects very well to the VPN server, but I don't know how to configure iptables so that only one IP from the local network connects via tun and all the others connect normally through my external interface (eth0).
I have tried the following command:
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o tun0 -j MASQUERADE
which works very well, except that all the traffic is forwarded through tun0.
When I put -s 192.168.1.12 (my local IP), it also works fine, but all the other computers on the network don't have internet access.
Let's say my server's external IP is A.A.A.A, my local server IP is B.B.B.B and my tun IP is C.C.C.C.
How can I create a rule so that all IPs (except one) connect to the internet through the real IP A.A.A.A, and my IP connects through the tun IP C.C.C.C?
I don't seem to find an answer to that or as I said already I'm too dumb.
Any help would be appreciated.
Thanks guys.
- 07-15-2011 #2
How about posting your firewall rules so we can see what you have done and then go from there?
Also, you should be aware that iptables does not do routing.
- 07-15-2011 #3
Here are the routes before and after I connect through the VPN:
#### BEFORE ####
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
AA.AA.AA.0      *               255.255.255.128 U     0      0        0 eth0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         blabla.xxx      0.0.0.0         UG    0      0        0 eth0
#### WITH VPN ####
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.0.17      *               255.255.255.255 UH    0      0        0 tun0
CC.CC.CC.CC     AA.AA.AA.1      255.255.255.255 UGH   0      0        0 eth0
AA.AA.AA.0      *               255.255.255.128 U     0      0        0 eth0
10.10.0.0       10.10.0.17      255.255.255.0   UG    0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         10.10.0.17      128.0.0.0       UG    0      0        0 tun0
128.0.0.0       10.10.0.17      128.0.0.0       UG    0      0        0 tun0
default         AA.AA.AA.1      0.0.0.0         UG    0      0        0 eth0
where AA.AA.AA is my external IP class and CC.CC.CC my VPN external IP class.
I guess it's something in the routes too, because after I start the VPN connection I cannot connect to the internet from the server console.
- 07-18-2011 #4
That is the routing table; what about the firewall rules?
Looking at your routing, you have 2 default routes. You might want to think about removing one of them.
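The thread stops here, so as an added example (not from any of the posters) this is how the split described in post #1 is normally done: a second routing table whose default route points at tun0, selected by an `ip rule` that matches the one LAN host, while the main table keeps its eth0 default. The route table in post #3 shows why the poster's NAT rule alone cannot work: the VPN server pushes `redirect-gateway`, which installs the 0.0.0.0/1 (shown as `default ... 128.0.0.0`) and 128.0.0.0/1 routes via tun0 that beat the real default, so everything, including the server itself, goes through the tunnel. Putting `route-nopull` in the OpenVPN client config stops those pushed routes from landing in the main table. Interface names, the 192.168.1.0/24 LAN, the VPN host 192.168.1.12 and the tun0 peer 10.10.0.17 are taken from the posts; routing table number 100 and rule priority 1000 are assumptions. The script prints what it would do unless invoked as root with `apply`.

```shell
#!/bin/sh
# Added example: route one LAN host through tun0 and everyone else through eth0.
# Interface names and addresses come from the thread; table 100 and priority
# 1000 are assumptions. Needs "route-nopull" in the OpenVPN client config so the
# pushed 0.0.0.0/1 and 128.0.0.0/1 routes do not take over the main table.
set -u

LAN_IF=eth1
WAN_IF=eth0
VPN_IF=tun0
LAN_NET=192.168.1.0/24
VPN_HOST=192.168.1.12          # the one LAN client that must use the VPN
VPN_GW=10.10.0.17              # tun0 peer from the "WITH VPN" route table
VPN_TABLE=100                  # spare routing table id (assumption)
DRY_RUN=${DRY_RUN:-1}          # 1: print commands, 0: execute them

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Source-based policy routing: table 100 holds only a default via tun0 and is
# consulted for packets from VPN_HOST; everything else falls through to main,
# whose default still points at eth0, so the server console keeps working.
setup_routes() {
    run sysctl -w net.ipv4.ip_forward=1
    # Replies from the internet arrive on tun0 although the main table would
    # route those hosts via eth0; loose reverse-path filtering (mode 2) keeps
    # the kernel from discarding them as spoofed.
    run sysctl -w "net.ipv4.conf.$VPN_IF.rp_filter=2"
    run ip route replace default via "$VPN_GW" dev "$VPN_IF" table "$VPN_TABLE"
    run ip rule add from "$VPN_HOST" lookup "$VPN_TABLE" priority 1000
    run ip route flush cache
}

# NAT per egress interface plus forwarding rules. The DROP comes before the
# generic eth0 ACCEPT on purpose: if tun0 goes down, table 100 loses its route,
# the lookup falls back to main and the VPN host would otherwise silently leak
# out of eth0 with the real address. This way it fails closed instead.
setup_firewall() {
    run iptables -t nat -A POSTROUTING -s "$VPN_HOST" -o "$VPN_IF" -j MASQUERADE
    run iptables -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN_IF" -j MASQUERADE
    run iptables -A FORWARD -i "$LAN_IF" -s "$VPN_HOST" -o "$WAN_IF" -j DROP
    run iptables -A FORWARD -i "$LAN_IF" -s "$VPN_HOST" -o "$VPN_IF" -j ACCEPT
    run iptables -A FORWARD -i "$LAN_IF" -s "$LAN_NET" -o "$WAN_IF" -j ACCEPT
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

setup_all() {
    setup_routes
    setup_firewall
}

# Which routing table a packet from a given LAN source is looked up in,
# mirroring the single ip rule installed above (a sanity check for the policy).
table_for_source() {
    if [ "$1" = "$VPN_HOST" ]; then echo "$VPN_TABLE"; else echo main; fi
}

case "${1:-preview}" in
    apply) DRY_RUN=0; setup_all ;;
    *)     setup_all ;;
esac
```

After applying, `ip rule` should list the `from 192.168.1.12 lookup 100` entry and `ip route show table 100` the tun0 default; `ip route get 8.8.8.8 from 192.168.1.12 iif eth1` should name tun0, while the same query without `from` names eth0. The NAT rules only rewrite addresses; the decision about which interface a packet leaves on is made by the rule and the tables, which is the point post #2 makes about iptables not doing routing.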