While stuck at home I wrote a simple Linux tunnel ("VPN" but not encrypted/authenticated) in 100 lines of Rust. This is a PoC, not an OpenVPN replacement; just sending the IP layers and above over UDP. Specifically, it creates a tun device, enables the device, sets the device's IP and netmask, and forwards packets in both directions as client or server depending on command line argument. Setting up routes for the client and enabling forwarding/NAT for the server is currently left as an exercise for the reader. But it might be as simple as:
On the server:
echo "1" | sudo tee /proc/sys/net/ipv4/ip_forward ; sudo iptables -t nat -A POSTROUTING -j MASQUERADEOn the client:
OLDGW=$(route -n | grep '^0\.0\.0\.0' | awk '{print $2}') ; route add -host $SERVERIP gw $OLDGW ; route add default gw 10.8.3.1
It defaults to IPv4 but could be IPv6 if you configure it.
You can find the code here: https://github.com/scriptjunkie/rustun/tree/master Enjoy.