CentOS policy routing (PBR): ip rule based on source address

1. First, define a custom routing table. If the routing entries are written to the main routing table instead, routing becomes confused.
vi /etc/iproute2/rt_tables
100 tab1

2. Add a static default route.
ip route add default via 172.16.60.1 dev ppp0 table tab1
This adds a default route inside the routing table tab1, with the ppp0 interface as the default gateway exit.

3. Mark the packets coming from the users' addresses with a number, and force the marked traffic to use the routing table tab1.
The number 3 is the mark value.
iptables -A PREROUTING -t mangle -s 172.16.131.0/24 -j MARK --set-mark 3
ip rule add fwmark 3 table tab1

4. Use ip rule to select the routing table according to the source address.
ip rule add from 172.16.131.0/24 table tab1

5. The last step: set up iptables forwarding (MASQUERADE lives in the nat table, so -t nat is required).
iptables -t nat -A POSTROUTING -s 172.16.131.0/24 -o ppp0 -j MASQUERADE

service iptables restart

6. Run at boot.
chmod +x /etc/rc.d/rc.local
vi /etc/rc.d/rc.local

pon pptpvpn

sleep 10
ip route add default via 172.16.60.1 dev ppp0 table tab1
iptables -A PREROUTING -t mangle -s 172.16.131.0/24 -j MARK --set-mark 3
ip rule add fwmark 3 table tab1
ip rule add from 172.16.131.0/24 table tab1
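
A check for the finished setup, as an added example that is not part of the original post: it reads the output of ip rule show and ip route show table tab1 and reports which of the three pieces from the steps above is missing. The function names and the sample output are constructed here. When tab1 holds no default route (for example ppp0 is down), the kernel moves on to the next rule, so traffic from 172.16.131.0/24 follows the main table instead of the tunnel.

```shell
#!/bin/sh
# Added example (not from the original post). Sample text below is constructed.
SUBNET="172.16.131.0/24"; MARK="0x3"; TABLE="tab1"; TABLE_ID="100"; DEV="ppp0"

# has_rule RULES SELECTOR: true if a rule with this selector looks up tab1
# (ip prints the name from rt_tables, or the bare id 100 if the name is missing).
has_rule() {
    printf '%s\n' "$1" | awk -v a="$2 lookup $TABLE" -v b="$2 lookup $TABLE_ID" '
        { $1 = ""; line = substr($0, 2) }   # drop the "32764:" priority, normalise spacing
        line == a || line == b { found = 1 }
        END { exit !found }'
}

# has_default ROUTES: true if the table holds a default route out of ppp0.
has_default() {
    printf '%s\n' "$1" | awk -v d="$DEV" '
        $1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev" && $(i+1) == d) found = 1 }
        END { exit !found }'
}

# pbr_check RULES ROUTES: prints one word per missing piece; returns 0 when complete.
pbr_check() {
    missing=""
    has_rule "$1" "from $SUBNET"          || missing="$missing source-rule"
    has_rule "$1" "from all fwmark $MARK" || missing="$missing fwmark-rule"
    has_default "$2"                      || missing="$missing default-route"
    echo "${missing# }"
    [ -z "$missing" ]
}

# Constructed sample of a correctly configured router.
SAMPLE_RULES='0: from all lookup local
32764: from 172.16.131.0/24 lookup tab1
32765: from all fwmark 0x3 lookup tab1
32766: from all lookup main
32767: from all lookup default'
SAMPLE_ROUTES='default via 172.16.60.1 dev ppp0'

# On a live system: pbr_check "$(ip rule show)" "$(ip route show table tab1)"
pbr_check "$SAMPLE_RULES" "$SAMPLE_ROUTES" >/dev/null && echo "policy routing complete"
```

A non-empty result after boot usually means rc.local ran before ppp0 came up, so the sleep 10 was too short.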

 

Origin www.cnblogs.com/itfat/p/12486509.html