Selective bypass not working for RT-AC68U
Hi guys, can someone please help me out. I've read every message in this entire thread and I can't get the script working for my RT-AC68U.
I enabled and formatted JFFS
I enabled SSH
I placed it in file wan-start
I applied permissions on the file and I can execute it.
I tried using ip route add default table 100 via $(nvram get wan0_gateway) as suggested in this thread.
I manually executed every line in the script and found this error on:
ip route del default table 100
RTNETLINK answers: No such process
The entire script is here, I would appreciate help please.
#!/bin/sh
touch /tmp/000wanstarted
for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
    echo 0 > "$i"
done
#US VPN
#
# Delete table 100 and flush any existing rules if they exist.
#
ip route flush table 100
ip route del default table 100
ip rule del fwmark 1 table 100
ip route flush cache
iptables -t mangle -F PREROUTING
#
# Copy all non-default and non-VPN related routes from the main table into table 100.
# Then configure table 100 to route all traffic out the WAN gateway and assign it mark "1"
#
# NOTE: Here I assume the OpenVPN tunnel is named "tun11".
#
#
#ip route show table main | grep -Ev ^default | grep -Ev tun11 \
# | while read ROUTE ; do
# ip route add table 100 $ROUTE
# done
ip route add default table 100 via $(nvram get wan0_gateway)
ip rule add fwmark 1 table 100
ip route flush cache
#
# Define the routing policies for the traffic. The rules will be applied in the order that they
# are listed. In the end, packets with MARK set to "0" will pass through the VPN. If MARK is set
# to "1" it will bypass the VPN.
#
# All LAN traffic will bypass the VPN (Useful to put this rule first, so all traffic bypasses the VPN and you can
# configure exceptions afterwards)
iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 1
# All traffic from Laptop will use US VPN
#iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.248 -j MARK --set-mark 0
# All traffic from PS3 will use the US VPN
#iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.10 -j MARK --set-mark 0
# All traffic from Nexus 10 will use the US VPN
#iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.2 -j MARK --set-mark 0
# All traffic from VOIP will use the WAN
#iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.152 -j MARK --set-mark 1
exit 0
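Added example, not part of the original post: the script's comments say the rules apply in the order listed, and because MARK does not stop chain traversal, the last rule that matches a packet decides its final mark. The sketch below evaluates that offline for a packet arriving on br0, over a constructed rule list (the post's rules with one exception uncommented, plus a hypothetical address range); `ip2int`, `final_mark` and `egress` are names chosen here.

```shell
#!/bin/sh
# Added example: evaluates MARK rules the way the mangle chain does.
# MARK is a non-terminating target, so every matching rule runs and the
# last one to match decides the final mark.

# Constructed sample: the post's rules with one exception enabled and one hypothetical range.
RULES='iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.248 -j MARK --set-mark 0
iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.100-192.168.1.120 -j MARK --set-mark 0'

# Convert a dotted quad to an integer so ranges can be compared.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# final_mark SRC_IP: print the mark a packet from SRC_IP on br0 ends up with.
final_mark() {
    src=$(ip2int "$1"); mark=0   # packets start unmarked (mark 0)
    while read -r line; do
        case $line in *"-A PREROUTING"*"-j MARK"*) ;; *) continue ;; esac
        range=""; new=""
        set -- $line
        while [ $# -gt 0 ]; do
            case $1 in
                --src-range) range=$2; shift ;;
                --set-mark)  new=$2; shift ;;
            esac
            shift
        done
        if [ -n "$range" ]; then
            lo=$(ip2int "${range%-*}"); hi=$(ip2int "${range#*-}")
            [ "$src" -ge "$lo" ] && [ "$src" -le "$hi" ] || continue
        fi
        mark=$new
    done <<EOF
$RULES
EOF
    echo "$mark"
}

# egress SRC_IP: mark 1 hits "ip rule add fwmark 1 table 100" (WAN); mark 0 uses the main table (VPN).
egress() { [ "$(final_mark "$1")" = 1 ] && echo WAN || echo VPN; }
```

Running `egress` for each LAN address that is supposed to stay on the VPN shows whether a later or broader rule sends it out the WAN instead.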