[Raspberry Pi 3] VPN - only kodi traffic


Im running Kodi and ownCloud on my Pi. Is it possible to use a VPN that only encrypts the traffic of Kodi, so that my VPN provider won’t get my ownCloud traffic? I tried to find a solution, but all I could find was how to encrypt the entire traffic of your osmc device, which isnt what im looking for.

would appreciate any help

I’m just going off the top of my head, but you could use iptables to forward all traffic coming from the Kodi user (assuming Kodi runs as a dedicated user) to go through the VPN and let all the rest of the traffic go the regular route.
Maybe there’s an addon that does this?

I think this could be done with a network namespace; but it’s not going to be trivial. You then bridge the tunnel interface with the network namespace.


That’s a possibility I didn’t think about, but I found a link to a tutorial of sorts => OpenVPN for a single application on Linux, and the gist here.

This really sounds like a great addon though.

As you’ve seen, OpenVPN will send all traffic through the tunnel, which is generally what we want.

The code that you’ve linked to is using network namespaces, so that you can restrict VPN traffic to just the kodi.bin process.

If you have problems getting it to work, an alternative (and possibly simpler) approach might be to let OpenVPN encrypt all traffic, including that for the operating system and any other applications you have running, and then bypass the VPN for the IP address (or IP addresses) of your ownCloud server(s). For this to work, you’d need to know the servers’ IP addresses, which is usually no problem.

Then a simple:

sudo route add <server-IP> gw <your-gateway> dev eth0

or, once OSMC moves to stretch:

sudo ip route add <server-IP> via <your-gateway> dev eth0

will bypass the VPN for each IP address you specify. (The example assumes your network interface is on eth0.)

Isn’t this topic exactly the same as this one, perhaps someone can merge them?