On Fri, 9 Oct 2020 16:19:22 +0200 Chris <wiregu...@spam-free.eu> wrote:
> Maybe I oversimplify your problem, but from what I read, your standard route > will be using the Iranian net. > And - I guess - it is only a limited numer of IP addresses, that you would > like > to reach through the tunnel. > > I don't know your OS, but simply adding ip routes pointing to the tunnel for > the > desired destinations would do the job. OK, a desired destination would be *.youtube.com, how would you go about that? You can't add routes to domain names of websites, not to mention to wildcards of domain names; and websites can resolve into a lot of IPs, which will change randomly due to load balancing, or due to sites migrating their hosting over time. So just resolving them right now and using specific IPs likely wouldn't work for long. One solution is the browser extensions that I mentioned coupled with a SOCKS proxy on remote side. Another is what David suggests with dnsmasq and ipset, which seems like it'll be more transparent from the usage standpoint, but also more complex to set up. -- With respect, Roman