Add option to only route LAN traffic

[patrikdolsson]

I'm switching to a docker openvpn-server solution from the router solution (Asuswrt-merlin) I have used earlier to access my home network remotely. This server had the option to only route LAN traffic, internet traffic or both. As I only used this to access my home network I quite enjoyed the feature of only routing LAN traffic.

Is it possible to add an option to only route LAN traffic? Not sure if it's as simple as adding an environment variable or if it would require more information such as subnet and/or netmask. In any case I would like to see this feature. :)

[morgang5522]

I require this too, as I've tried to do it via the config and can't seem to get it to work. This is useful for accessing services inside the machine the VPN is running on that aren't publicly exposed (i.e. database etc)

[morgang5522]

After some messing around I managed to get it sort of working. I cloned the repo and edited config/server.conf commenting out lines 10,11,12 and then have edited docker-compose.yml to be this:

version: '3.8'

services:
  dockovpn:
    build: .
    container_name: dockovpn
    cap_add:
      - NET_ADMIN
    environment:
      - HOST_ADDR=<address>
    volumes:
      - ./ovpndata:/opt/Dockovpn_data
    network_mode: host
    privileged: true
    stdin_open: true
    tty: true
    restart: always

Run with docker-compose up --build

This allowed me to connect to the OpenVPN then also access other docker containers that are running. I have an apache2 docker image running bound to 10.8.0.1:8080 which I can only access now when connected to the OpenVPN.

I don't know if this is the right way to do it, or if it's secure, but I got it working - however I'm no expert.