The setup described here will route all internet-bound traffic through the VPN, not just torrents. This would include web browsing, etc. I don't really want that, so I used a virtual machine that will be dedicated to just torrent downloading. But using a VM isn't really necessary if you don't want it.
I signed up for VPN service with http://privateinternetaccess.com. It's about $7/month or $40/year.
Then on my VM, I installed openvpn as my VPN client, then downloaded their sample config files for their various locations.
Code:
sudo apt-get install openvpn
cd /etc/openvpn
wget http://privateinternetaccess.com/openvpn/openvpn.zip
unzip openvpn.zip
Code:
ln -s CA\ Toronto.ovpn client.conf
Code:
p98885918
Pa$$w0rdHere
Code:
auth-user-pass auth
Then run "/etc/init.d/openvpn start" to start the VPN connection. Assuming the VPN connects successfully, you should see new routes routing all your traffic through the VPN when you run "route -n".
At this point the VPN connection is all set up, but there are a few extras you can do if you want.
You can set up iptables so that it only allows outbound communication from deluge to go over the VPN by adding these rules (the first two rules allow local LAN traffic and localhost traffic to skip the VPN, then the third rule forces all other deluge traffic over the VPN):
Code:
iptables -A OUTPUT -d 192.168.1.0/24 -m owner --uid-owner 103 -j ACCEPT
iptables -A OUTPUT -d 127.0.0.0/8 -m owner --uid-owner 103 -j ACCEPT
iptables -A OUTPUT ! -o tun0 -m owner --uid-owner 103 -j REJECT --reject-with icmp-port-unreachable
And if you are using monit to restart the VPN in case it dies and to notify you when that happens, here is a simple monit configuration for OpenVPN:
Code:
check process openvpn with pidfile /var/run/openvpn.client.pid
    start program "/etc/init.d/openvpn start"
    stop program "/etc/init.d/openvpn stop"
    if 5 restarts within 5 cycles then timeout and alert
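
A check for the iptables rules above, as an added example that is not part of the original post: it reads `iptables -S OUTPUT` text and confirms that the reject rule for the deluge uid is reached before any broad ACCEPT. The function name, the rule listings (constructed here in the form `iptables -S` prints) and uid 110 (a hypothetical mismatch with the hard-coded 103) are assumptions; on a live system you would pipe in `sudo iptables -S OUTPUT`.

```shell
#!/bin/sh
# Added example, not from the original post. Heuristic string match over
# `iptables -S OUTPUT` text on stdin; not a full rule parser.
# Returns 0 = kill switch effective, 1 = no reject rule, 2 = shadowed by ACCEPT.
check_killswitch() {
    uid=$1; iface=$2
    while IFS= read -r rule; do
        case "$rule" in
            "-A OUTPUT "*) ;;                  # only appended OUTPUT rules matter
            *) continue ;;                     # skip policy lines and other chains
        esac
        case "$rule" in
            *"--uid-owner $uid "*) ;;          # rule written for this uid
            *"--uid-owner "*) continue ;;      # rule for some other uid
        esac                                   # no owner match: applies to everyone
        case "$rule" in
            *"! -o $iface "*"-j REJECT"*|*"! -o $iface "*"-j DROP"*)
                return 0 ;;                    # non-VPN egress is blocked here
            *"-j ACCEPT"*)
                case "$rule" in
                    *"! -o "*) return 2 ;;     # explicitly accepts non-VPN egress
                    *" -d "*|*" -o "*) ;;      # scoped exception (LAN, lo, tunnel)
                    *) return 2 ;;             # unrestricted ACCEPT comes first
                esac ;;
        esac
    done
    return 1
}

# Constructed sample: the post's three rules as `iptables -S OUTPUT` lists them.
GOOD_RULES='-P OUTPUT ACCEPT
-A OUTPUT -d 192.168.1.0/24 -m owner --uid-owner 103 -j ACCEPT
-A OUTPUT -d 127.0.0.0/8 -m owner --uid-owner 103 -j ACCEPT
-A OUTPUT ! -o tun0 -m owner --uid-owner 103 -j REJECT --reject-with icmp-port-unreachable'
# Constructed sample: an unrestricted ACCEPT placed ahead of the reject rule.
SHADOWED_RULES='-A OUTPUT -m owner --uid-owner 103 -j ACCEPT
-A OUTPUT ! -o tun0 -m owner --uid-owner 103 -j REJECT --reject-with icmp-port-unreachable'

report() {
    rc=0
    printf '%s\n' "$2" | check_killswitch "$3" tun0 || rc=$?
    echo "$1: rc=$rc"
}
report "post's rules, daemon uid 103" "$GOOD_RULES" 103
report "ACCEPT ahead of REJECT" "$SHADOWED_RULES" 103
report "post's rules, daemon actually uid 110" "$GOOD_RULES" 110
```

These rules filter IPv4 only; IPv6 traffic is handled separately by ip6tables.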