####    OLD WAY    ####




apt-get install openvpn

cd /etc/openvpn

nano login

wget https://downloads.nordcdn.com/configs/archives/servers/ovpn.zip

unzip ovpn.zip

rm ovpn.zip

cd /etc/openvpn/ovpn_udp

rm !(us*)            #removes all other servers except US

nano us6008.nordvpn.com.udp.ovpn
#change to auth-user-pass /etc/openvpn/login

cp us6008.nordvpn.com.udp.ovpn /etc/openvpn/client.conf

cd /etc/openvpn

#ip forwords
nano /etc/sysctl.conf

#un#     net.ipv4.ip_forward = 1

sysctl -p
apt-get install iptables-persistent

iptables -A INPUT -i lo -m comment --comment "loopback" -j ACCEPT
iptables -A OUTPUT -o lo -m comment --comment "loopback" -j ACCEPT
iptables -I INPUT -i eth0 -m comment --comment "In from LAN" -j ACCEPT
iptables -I OUTPUT -o tun+ -m comment --comment "Out to VPN" -j ACCEPT
iptables -A OUTPUT -o eth0 -p udp --dport 1198 -m comment --comment "openvpn" -j ACCEPT
iptables -A OUTPUT -o eth0 -p udp --dport 123 -m comment --comment "ntp" -j ACCEPT
iptables -A OUTPUT -p UDP --dport 67:68 -m comment --comment "dhcp" -j ACCEPT
iptables -A OUTPUT -o eth0 -p udp --dport 53 -m comment --comment "dns" -j ACCEPT
iptables -A FORWARD -i tun+ -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o tun+ -m comment --comment "LAN out to VPN" -j ACCEPT
iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE

netfilter-persistent save

systemctl enable netfilter-persistent

#manual mode
openvpn /etc/openvpn/ovpn_udp/us6008.nordvpn.com.udp.ovpn

#autostart
cd /etc/openvpn
systemctl enable openvpn@client.service
systemctl daemon-reload

reboot
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
apt-get install iptables-persistent -y

iptables -A INPUT -i lo -m comment --comment "loopback" -j ACCEPT
iptables -A OUTPUT -o lo -m comment --comment "loopback" -j ACCEPT
iptables -I INPUT -i eth0 -m comment --comment "In from LAN" -j ACCEPT
iptables -I OUTPUT -o tun+ -m comment --comment "Out to VPN" -j ACCEPT
iptables -A OUTPUT -o eth0 -p udp --dport 1198 -m comment --comment "openvpn" -j ACCEPT
iptables -A OUTPUT -o eth0 -p udp --dport 123 -m comment --comment "ntp" -j ACCEPT
iptables -A OUTPUT -p UDP --dport 67:68 -m comment --comment "dhcp" -j ACCEPT
iptables -A OUTPUT -o eth0 -p udp --dport 53 -m comment --comment "dns" -j ACCEPT
iptables -A FORWARD -i tun+ -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o tun+ -m comment --comment "LAN out to VPN" -j ACCEPT
iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE
netfilter-persistent save
systemctl enable netfilter-persistent
# configuring iptables
# Making it where it routes through your vpn
# You need to set up your nordvpn server through dietpi-vpn first.  Make it Autostart.
reboot





########             DONE             ############


configure your other computer's gateway through this ip address

dns you have to pick your router or your pi-hole

iptables -A INPUT -i lo -m comment --comment "loopback" -j ACCEPT iptables -A OUTPUT -o lo -m comment --comment "loopback" -j ACCEPT iptables -I INPUT -i eth0 -m comment --comment "In from LAN" -j ACCEPT iptables -I OUTPUT -o tun+ -m comment --comment "Out to VPN" -j ACCEPT iptables -A OUTPUT -o eth0 -p udp --dport 1198 -m comment --comment "openvpn" -j ACCEPT iptables -A OUTPUT -o eth0 -p udp --dport 123 -m comment --comment "ntp" -j ACCEPT iptables -A OUTPUT -p UDP --dport 67:68 -m comment --comment "dhcp" -j ACCEPT iptables -A OUTPUT -o eth0 -p udp --dport 53 -m comment --comment "dns" -j ACCEPT iptables -A FORWARD -i tun+ -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i eth0 -o tun+ -m comment --comment "LAN out to VPN" -j ACCEPT iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE netfilter-persistent save systemctl enable netfilter-persistent

sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf apt-get install iptables-persistent -y