ROUTE – 微宇宙

平常在Windows下使用VPN，各位都会发现，所有出网的数据包都通过VPN了。虽然这样可以访问某些被“禁止访问”的网站，但访问国内的网站，速度却慢了。

事实上，连接VPN后，Windows会自动把系统的默认网关改为VPN的，因此数据包都通过了VPN服务器。既然如此，我们再对路由表进行操作，添加一些对国内IP生效的路由规则，那样就能实现访问国外网站时通过VPN，访问国内网站时直连。

Windows下对路由表进行操作的命令是route，route的用法如下：

route ADD 目标IP MASK 子网掩码  网关 METRIC 跃点数 IF 网络接口
route CHANGE 目标IP MASK 子网掩码 网关 METRIC 跃点数 IF 网络接口
route DELETE 目标IP

route ADD 目标IP MASK 子网掩码网关 METRIC 跃点数 IF 网络接口

route CHANGE 目标IP MASK 子网掩码网关 METRIC 跃点数 IF 网络接口

route DELETE 目标IP

上面分别是添加路由，更改路由，以及删除路由的用法。

首先连接VPN，让Windows自动更改路由。

接下来使用route对国内IP的路由表进行更改，下面提供一个国内IP的IP段列表：

14.0.0.0/8
27.0.0.0/8
36.0.0.0/8
39.0.0.0/8
42.0.0.0/7
49.0.0.0/8
58.0.0.0/7
60.0.0.0/8
101.0.0.0/8
103.0.0.0/8
106.0.0.0/8
112.0.0.0/4
134.128.0.0/9
139.0.0.0/9
139.128.0.0/9
140.0.0.0/9
140.128.0.0/9
144.0.0.0/9
144.128.0.0/9
150.0.0.0/8
153.0.0.0/8
157.0.0.0/9
157.128.0.0/9
159.128.0.0/9
161.128.0.0/9
162.0.0.0/9
163.0.0.0/8
166.0.0.0/9
167.128.0.0/9
168.128.0.0/9
171.0.0.0/8
172.0.0.0/12
175.0.0.0/8
180.0.0.0/8
182.0.0.0/7
192.112.0.0/12
192.128.0.0/9
202.0.0.0/7
218.0.0.0/7
220.0.0.0/6

14.0.0.0/8

27.0.0.0/8

36.0.0.0/8

39.0.0.0/8

42.0.0.0/7

49.0.0.0/8

58.0.0.0/7

60.0.0.0/8

101.0.0.0/8

103.0.0.0/8

106.0.0.0/8

112.0.0.0/4

134.128.0.0/9

139.0.0.0/9

139.128.0.0/9

140.0.0.0/9

140.128.0.0/9

144.0.0.0/9

144.128.0.0/9

150.0.0.0/8

153.0.0.0/8

157.0.0.0/9

157.128.0.0/9

159.128.0.0/9

161.128.0.0/9

162.0.0.0/9

163.0.0.0/8

166.0.0.0/9

167.128.0.0/9

168.128.0.0/9

171.0.0.0/8

172.0.0.0/12

175.0.0.0/8

180.0.0.0/8

182.0.0.0/7

192.112.0.0/12

192.128.0.0/9

202.0.0.0/7

218.0.0.0/7

220.0.0.0/6

Windows的打开cmd，执行以下的命令(不要保存为BAT再运行)：

set GATEWAY=你的路由器网关地址
route add 14.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 27.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 36.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 39.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 42.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1
route add 49.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 58.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1
route add 60.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 101.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 103.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 106.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 112.0.0.0 MASK 240.0.0.0 %GATEWAY% METRIC 1
route add 134.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 139.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 139.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 140.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 140.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 144.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 144.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 150.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 153.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 157.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 157.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 159.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 161.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 162.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 163.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 166.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 167.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 168.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 171.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 172.0.0.0 MASK 255.240.0.0 %GATEWAY% METRIC 1
route add 175.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 180.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1
route add 182.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1
route add 192.112.0.0 MASK 255.240.0.0 %GATEWAY% METRIC 1
route add 192.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1
route add 202.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1
route add 218.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1
route add 220.0.0.0 MASK 252.0.0.0 %GATEWAY% METRIC 1

set GATEWAY=你的路由器网关地址

route add 14.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 27.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 36.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 39.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 42.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1

route add 49.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 58.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1

route add 60.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 101.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 103.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 106.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 112.0.0.0 MASK 240.0.0.0 %GATEWAY% METRIC 1

route add 134.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 139.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 139.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 140.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 140.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 144.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 144.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 150.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 153.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 157.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 157.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 159.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 161.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 162.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 163.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 166.0.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 167.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 168.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 171.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 172.0.0.0 MASK 255.240.0.0 %GATEWAY% METRIC 1

route add 175.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 180.0.0.0 MASK 255.0.0.0 %GATEWAY% METRIC 1

route add 182.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1

route add 192.112.0.0 MASK 255.240.0.0 %GATEWAY% METRIC 1

route add 192.128.0.0 MASK 255.128.0.0 %GATEWAY% METRIC 1

route add 202.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1

route add 218.0.0.0 MASK 254.0.0.0 %GATEWAY% METRIC 1

route add 220.0.0.0 MASK 252.0.0.0 %GATEWAY% METRIC 1

Linux使用pptpclient连接VPN后并无自动更改路由，所以需要自己添加一条规则，可以ip这个命令(ppp设备名称可以通过ifconfig查看)，执行以下命令即可：

PPPDEV=连接了VPN的ppp设备名称
OUTPUTDEV=访问公网用的网卡名称
ip route add 0.0.0.0/0 dev ${PPPDEV}
ip route add 0.0.0.0/7 dev ${OUTPUTDEV}
ip route add 10.0.0.0/8 dev ${OUTPUTDEV}
ip route add 14.0.0.0/8 dev ${OUTPUTDEV}
ip route add 27.0.0.0/8 dev ${OUTPUTDEV}
ip route add 36.0.0.0/8 dev ${OUTPUTDEV}
ip route add 39.0.0.0/8 dev ${OUTPUTDEV}
ip route add 42.0.0.0/7 dev ${OUTPUTDEV}
ip route add 49.0.0.0/8 dev ${OUTPUTDEV}
ip route add 58.0.0.0/7 dev ${OUTPUTDEV}
ip route add 60.0.0.0/8 dev ${OUTPUTDEV}
ip route add 101.0.0.0/8 dev ${OUTPUTDEV}
ip route add 103.0.0.0/8 dev ${OUTPUTDEV}
ip route add 106.0.0.0/8 dev ${OUTPUTDEV}
ip route add 110.0.0.0/7 dev ${OUTPUTDEV}
ip route add 112.0.0.0/4 dev ${OUTPUTDEV}
ip route add 127.0.0.0/8 dev ${OUTPUTDEV}
ip route add 134.128.0.0/9 dev ${OUTPUTDEV}
ip route add 139.0.0.0/9 dev ${OUTPUTDEV}
ip route add 139.128.0.0/9 dev ${OUTPUTDEV}
ip route add 140.0.0.0/9 dev ${OUTPUTDEV}
ip route add 140.128.0.0/9 dev ${OUTPUTDEV}
ip route add 144.0.0.0/9 dev ${OUTPUTDEV}
ip route add 144.128.0.0/9 dev ${OUTPUTDEV}
ip route add 150.0.0.0/8 dev ${OUTPUTDEV}
ip route add 153.0.0.0/8 dev ${OUTPUTDEV}
ip route add 157.0.0.0/9 dev ${OUTPUTDEV}
ip route add 157.128.0.0/9 dev ${OUTPUTDEV}
ip route add 159.128.0.0/9 dev ${OUTPUTDEV}
ip route add 161.128.0.0/9 dev ${OUTPUTDEV}
ip route add 162.0.0.0/9 dev ${OUTPUTDEV}
ip route add 163.0.0.0/8 dev ${OUTPUTDEV}
ip route add 166.0.0.0/9 dev ${OUTPUTDEV}
ip route add 167.128.0.0/9 dev ${OUTPUTDEV}
ip route add 168.128.0.0/9 dev ${OUTPUTDEV}
ip route add 171.0.0.0/8 dev ${OUTPUTDEV}
ip route add 172.0.0.0/12 dev ${OUTPUTDEV}
ip route add 175.0.0.0/8 dev ${OUTPUTDEV}
ip route add 180.0.0.0/8 dev ${OUTPUTDEV}
ip route add 182.0.0.0/7 dev ${OUTPUTDEV}
ip route add 192.112.0.0/12 dev ${OUTPUTDEV}
ip route add 192.128.0.0/9 dev ${OUTPUTDEV}
ip route add 202.0.0.0/7 dev ${OUTPUTDEV}
ip route add 210.0.0.0/7 dev ${OUTPUTDEV}
ip route add 218.0.0.0/7 dev ${OUTPUTDEV}
ip route add 220.0.0.0/6 dev ${OUTPUTDEV}

PPPDEV=连接了VPN的ppp设备名称

OUTPUTDEV=访问公网用的网卡名称

ip route add 0.0.0.0/0 dev ${PPPDEV}

ip route add 0.0.0.0/7 dev ${OUTPUTDEV}

ip route add 10.0.0.0/8 dev ${OUTPUTDEV}

ip route add 14.0.0.0/8 dev ${OUTPUTDEV}

ip route add 27.0.0.0/8 dev ${OUTPUTDEV}

ip route add 36.0.0.0/8 dev ${OUTPUTDEV}

ip route add 39.0.0.0/8 dev ${OUTPUTDEV}

ip route add 42.0.0.0/7 dev ${OUTPUTDEV}

ip route add 49.0.0.0/8 dev ${OUTPUTDEV}

ip route add 58.0.0.0/7 dev ${OUTPUTDEV}

ip route add 60.0.0.0/8 dev ${OUTPUTDEV}

ip route add 101.0.0.0/8 dev ${OUTPUTDEV}

ip route add 103.0.0.0/8 dev ${OUTPUTDEV}

ip route add 106.0.0.0/8 dev ${OUTPUTDEV}

ip route add 110.0.0.0/7 dev ${OUTPUTDEV}

ip route add 112.0.0.0/4 dev ${OUTPUTDEV}

ip route add 127.0.0.0/8 dev ${OUTPUTDEV}

ip route add 134.128.0.0/9 dev ${OUTPUTDEV}

ip route add 139.0.0.0/9 dev ${OUTPUTDEV}

ip route add 139.128.0.0/9 dev ${OUTPUTDEV}

ip route add 140.0.0.0/9 dev ${OUTPUTDEV}

ip route add 140.128.0.0/9 dev ${OUTPUTDEV}

ip route add 144.0.0.0/9 dev ${OUTPUTDEV}

ip route add 144.128.0.0/9 dev ${OUTPUTDEV}

ip route add 150.0.0.0/8 dev ${OUTPUTDEV}

ip route add 153.0.0.0/8 dev ${OUTPUTDEV}

ip route add 157.0.0.0/9 dev ${OUTPUTDEV}

ip route add 157.128.0.0/9 dev ${OUTPUTDEV}

ip route add 159.128.0.0/9 dev ${OUTPUTDEV}

ip route add 161.128.0.0/9 dev ${OUTPUTDEV}

ip route add 162.0.0.0/9 dev ${OUTPUTDEV}

ip route add 163.0.0.0/8 dev ${OUTPUTDEV}

ip route add 166.0.0.0/9 dev ${OUTPUTDEV}

ip route add 167.128.0.0/9 dev ${OUTPUTDEV}

ip route add 168.128.0.0/9 dev ${OUTPUTDEV}

ip route add 171.0.0.0/8 dev ${OUTPUTDEV}

ip route add 172.0.0.0/12 dev ${OUTPUTDEV}

ip route add 175.0.0.0/8 dev ${OUTPUTDEV}

ip route add 180.0.0.0/8 dev ${OUTPUTDEV}

ip route add 182.0.0.0/7 dev ${OUTPUTDEV}

ip route add 192.112.0.0/12 dev ${OUTPUTDEV}

ip route add 192.128.0.0/9 dev ${OUTPUTDEV}

ip route add 202.0.0.0/7 dev ${OUTPUTDEV}

ip route add 210.0.0.0/7 dev ${OUTPUTDEV}

ip route add 218.0.0.0/7 dev ${OUTPUTDEV}

ip route add 220.0.0.0/6 dev ${OUTPUTDEV}

执行完上面的命令后，即可实现访问国内的网站直连，访问国外网站走VPN。

标签： ROUTE

Fix Ubuntu policy-based route with fwmark not work

VPN下路由表的编辑，实现部分IP直连