Domain-based VPN Routing Script

[Ranger802004]

Wait, so I can use this script to achieve this?

Yes

 

[Dan_88H]

Yes

Ok great thank you

Silly question can I run this via the GUI ? Or do I need to ssh to the router then run it ?

Edit
I have enabled SSH and run the install command. I'm guessing from here, I just create policies via the command line?

 

[Ranger802004]

Ok great thank you

Silly question can I run this via the GUI ? Or do I need to ssh to the router then run it ?

Edit
I have enabled SSH and run the install command. I'm guessing from here, I just create policies via the command line?

Yes you are on the right track, I’m working on an SSH GUI for this tool.

 

[Dan_88H]

Yes you are on the right track, I’m working on an SSH GUI for this tool.

Nice that would be amazing

I have successfully tested and got this working. Amazing work mate!

Can you use a * to cover all URLs for a particular domain?

 

[Ranger802004]

Nice that would be amazing

I have successfully tested and got this working. Amazing work mate!

Can you use a * to cover all URLs for a particular domain?

Unfortunately no wildcards

 

[Dan_88H]

Unfortunately no wildcards

Ok thank you

Feature request

 

[Dan_88H]

Hi - the below interfaces are available for me to select, I cant seem to see WAN. Is eth0 classified as WAN and tun14 my OpenVPN Client ?
Interfaces:
tun14
eth0

 

[rung]

Hi - the below interfaces are available for me to select, I cant seem to see WAN. Is eth0 classified as WAN and tun14 my OpenVPN Client ?
Interfaces:
tun14
eth0

The script appears to use the following commands to identify the WAN interface names:
nvram get wan0_gw_ifname
nvram get wan1_gw_ifname

 

[Ranger802004]

Hi - the below interfaces are available for me to select, I cant seem to see WAN. Is eth0 classified as WAN and tun14 my OpenVPN Client ?
Interfaces:
tun14
eth0

Yes, it will be the actual interface name. I am looking at reworking this in a future release.

 

[Dan_88H]

Thanks!

I’m very close but unfortunately can’t get access to KayoSports. Either they use multiple URL’s to stream content or i’m not setting it up correctly.

I’ve been able to bring up their website and log in then attempt to play one of their channels but it then detects I’m on VPN

 

[Ranger802004]

Thanks!

I’m very close but unfortunately can’t get access to KayoSports. Either they use multiple URL’s to stream content or i’m not setting it up correctly.

I’ve been able to bring up their website and log in then attempt to play one of their channels but it then detects I’m on VPN

I use IPvFoo browser plug-in to determine all the addresses needed for a policy.

 

[Dan_88H]

I use IPvFoo browser plug-in to determine all the addresses needed for a policy.

Thanks! I've used that - is there a easy way to get a export via that plugin ?

I might have to add upwards of 80 domain names haha but I'll do it - Is implementing a wildcard an option or not really ?

And is there a way to add multiple domains to a single policy or is it one domain per policy

 

[Ranger802004]

Thanks! I've used that - is there a easy way to get a export via that plugin ?

I might have to add upwards of 80 domain names haha

Is implemented a wildcard an option or not really ?

And is there a way to add multiple domains to a single policy or is it one domain per policy

Wildcard isn’t supported because the script is using nslookup to query the address for IPs to route and it doesn’t support wildcards.

 

[Dan_88H]

Wildcard isn’t supported because the script is using nslookup to query the address for IPs to route and it doesn’t support wildcards.

Ah yes that makes sense. Thanks for clarifying.

Is it possible to create a policy group with multiple domains in it or is it 1 domain per policy ?
- Can I simply add domain names to the policy domainlist File under /jffs/configs/domain_vpn_routing/ ?
- Eg. I can add for each line in that file each domain name ? Or will I need to domain + IP ?

Is there a specific way to kill a query policy that seems to be hung ? I keep getting :
domain_vpn_routing.sh - Query Policy already running...
( EDIT - yes running the below worked
/jffs/scripts/domain_vpn_routing.sh kill querypolicy policy name )

 

[ectavgen]

Hello! Thank you for awesome job!
Is it any chance in theory to add WireGuard support?

 

[Ranger802004]

Ah yes that makes sense. Thanks for clarifying.

Is it possible to create a policy group with multiple domains in it or is it 1 domain per policy ?
- Can I simply add domain names to the policy domainlist File under /jffs/configs/domain_vpn_routing/ ?
- Eg. I can add for each line in that file each domain name ? Or will I need to domain + IP ?

Is there a specific way to kill a query policy that seems to be hung ? I keep getting :
domain_vpn_routing.sh - Query Policy already running...
( EDIT - yes running the below worked
/jffs/scripts/domain_vpn_routing.sh kill querypolicy policy name )

Use the kill argument. It's in the readme.

 

[Ranger802004]

Hello! Thank you for awesome job!
Is it any chance in theory to add WireGuard support?

Possibly but would need someone to help collect info for this as I don't personally use WireGuard.

 

[ectavgen]

Now I am choosing the protocol to setup: WG or OpenVPN and not seeing any advantages of OpenVPN. In my case with 300 Mbps from ISP on ax58u I'll get big difference in speed with WG, OpenVPN will give me about 30-50 Mbps max as I guess. So I'll probably stick with WG.
If you'll start working on WG supports just PM me, I'll try to help you with everything I can.

 

[Ranger802004]

Now I am choosing the protocol to setup: WG or OpenVPN and not seeing any advantages of OpenVPN. In my case with 300 Mbps from ISP on ax58u I'll get big difference in speed with WG, OpenVPN will give me about 30-50 Mbps max as I guess. So I'll probably stick with WG.
If you'll start working on WG supports just PM me, I'll try to help you with everything I can.

I'm currently working on an update for this script so stay around.

 

[Jherb]

Hello,
Thanks for this script. I'm having trouble getting the routing to work so I wanted to troubleshoot and had some basic questions.

I see that this is using nslookup to figure out the addresses. If I manually ran a nslookup, and then put those numbers into the vpndirector with the proper VPN selected, is that essentially the same thing? I want to troubleshoot the actual routing and IP addresses and make sure they work, before messing with the script.

Also, what is tun11, tun12, etc. Are those vpn1, vpn2, etc?

Thanks for your help.