What's new

x3mRouting x3mRouting ~ Selective Routing for Asuswrt-Merlin Firmware

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

@Xentrk do you think we are ready to go for 384.19_Beta_1 ? I'm using option 3 of X3mRouting and sending my OpenVPN server traffic through a VPN Client.
Option 3 is not impacted by the changes. You can proceed. I just finished a proof of concept for the required changes I need to make for LAN Routing and the OpenVPN client screen to work. I can now proceed with the implementation. Hope to have it done by close of business today.
 
I get this warning below when I reinstall x3mRouting & run sh nat-start. I forgot to make a copy of the previous install files inside x3MRouting folder except for the backup copy which contain some old files...

View attachment 25127
sh: can't open 'jffs/scripts/x3mRouting/load_ASN_ipset.sh'

The AMAZON-US, NETFLIX & HULU scripts inside nat-start file work though & I'm able to bypass VPN & watch Netflix & Hulu. Is the load_ASN_ipset.sh file really needed & where can I download it?

Also how can I bypass VPN on Peacock using the ASN method? Can't fine the right script for this. Comcast Xfinity is offering Peacock for free.
What version of x3mRouting are you using? That file does not exist in version 2.0.0.
 
Updating x3mRouting (v2.0.0) will remove for ex. the load_AMAZON_ipset_iface.sh, load_ASN_ipset_iface.sh, etc. on /jffs/scripts/x3mRouting/ folder & store it on a newly created backup file inside that folder. You won’t be able to run a nat start unless you drag & drop copies of those files inside the x3mRouting folder. It’s kinda weird that even if you have v2.0.0 showing on amtm, if you check for update it will remove those files & create a backup folder.
You won't be able to update to Version 2.0.0 using the version 1.0.0 x3mRouting Menu or amtm.
Refer to the Version 2.0.0 Update Process section for the update instructions.
 
Hello I am trying to update to 2.0.
It fails because my rules are not stored within the nat-start file but is in the /jffs/scripts/IPSETlists script which is called by nat-start.
So the conversion file is not created.
Is there a way to convert my rules from /jffs/scripts/IPSETlists ??

Thanks
I probably should have a one liner in nat-start that calls a script located in the x3mRouting repo directory. My bad. I will address this in a future update. For now, you need to keep the entries in nat-start. Every time x3mRouting runs, it checks if the entry is in nat-start. If it does not exist, it will add it. So for now, don't use the IPSETlists file.

I created a one-off conversion script that will work for routing of IPSET entries but not server to IPSET or server to client routing rules.

Download
Code:
/usr/sbin/curl --retry 3 "https://raw.githubusercontent.com/Xentrk/Asuswrt-Merlin-Linux-Shell-Scripts/master/nat-start-conv.sh" -o "/jffs/scripts/nat-start-conv.sh" && chmod 755 /jffs/scripts/nat-start-conv.sh

You will have to change the
Code:
NAT_START=/jffs/scripts/nat-start
to
Code:
NAT_START=/jffs/scripts/IPSETlists
 
What version of x3mRouting are you using? That file does not exist in version 2.0.0.

I installed x3mRouting via amtm. It says version 2.0.0. On amtm x3mRouting page is highlighted in red & if I run 'u' I get this message below...

obsolete.PNG


Edited...
"With nat-start removed [1] x3mRouting will not work. Still version 2.0.0."
 
Last edited by a moderator:
How do you bypass VPN on Peacock using the ASN method? Can't fine the right script for this.
Code:
# nslookup peacocktv.com
Server:    1.1.1.1
Address 1: 1.1.1.1 one.one.one.one

Name:      peacocktv.com
Address 1: 2600:1417:5e::adde:942a g2600-1417-005e-0000-0000-0000-adde-942a.deploy.static.akamaitechnologies.com
Address 2: 23.46.16.192 a23-46-16-192.deploy.static.akamaitechnologies.com
Address 3: 23.46.16.181 a23-46-16-181.deploy.static.akamaitechnologies.com
Address 4: 23.46.16.183 a23-46-16-183.deploy.static.akamaitechnologies.com
Address 5: 23.46.16.173 a23-46-16-173.deploy.static.akamaitechnologies.com
Address 6: 23.46.16.190 a23-46-16-190.deploy.static.akamaitechnologies.com
Address 7: 23.46.16.151 a23-46-16-151.deploy.static.akamaitechnologies.com
Address 8: 23.46.16.197 a23-46-16-197.deploy.static.akamaitechnologies.com
Address 9: 23.46.16.175 a23-46-16-175.deploy.static.akamaitechnologies.com
Address 10: 23.46.16.198 a23-46-16-198.deploy.static.akamaitechnologies.com

Code:
whob 23.49.16.192 | grep AS
Origin-AS: 16625
AS-Path: 8492 1299 7473 16625
AS-Org-Name: Akamai Technologies

Since NBC is using CDN, AS method may not be the best one as it will change based on one's geo location.

to get an idea what is going on with domains referenced:
Code:
grep "query" "/opt/var/log/dnsmasq.log" | grep "peacock" | awk '{print $6}' | sort -u
Code:
grep "query" "/opt/var/log/dnsmasq.log" | grep "nbc" | awk '{print $6}' | sort -u

Similarly, the autoscan.sh script ca provide some clues for dnsmasq method:
Code:
sh autoscan.sh autoscan=peacock,nbc

llnwi.net
peacocktv.com
demdex.net
nbc.co
nbcuni.com
omtrdc.net

DNSMASQ method using autoscan:
Code:
x3mRouting ALL 1 NBC autoscan=peacock,nbc

Code:
tail -1 ../nat-start
sh /jffs/scripts/x3mRouting/x3mRouting.sh ALL 1 NBC dnsmasq=demdex.net,llnwi.net,nbc.co,nbcuni.com,omtrdc.net,peacocktv.com
 
I have in amtm : 6 open x3mRouting v2.0.0 -> min upd
When updated through x3m menu I still have the same message "min upd" in amtm.
 
Last edited:
I have 3 VPN clients (1,2,3) running at the same time. To route Netflix to WAN, do I need the 3 lines below
x3mRouting 1 0 NETFLIX asnum=AS2906
x3mRouting 2 0 NETFLIX asnum=AS2906
x3mRouting 3 0 NETFLIX asnum=AS2906

Or the first one is enough.
 
I have 3 VPN clients (1,2,3) running at the same time. To route Netflix to WAN, do I need the 3 lines below
x3mRouting 1 0 NETFLIX asnum=AS2906
x3mRouting 2 0 NETFLIX asnum=AS2906
x3mRouting 3 0 NETFLIX asnum=AS2906

Or the first one is enough.
If you have a rule in all three VPN clients to route the device you watch Netflix from defined to use the VPN interface, then you will need the bypass rule in all three clients as you list above.
 
I have in amtm : 6 open x3mRouting v2.0.0 -> min upd
When updated through x3m menu I still have the same message "min upd" in amtm.
Version 1 to version 2 update can't be performed via amtm due the structural changes and requires one to update using the command below:

Code:
sh -c "$(curl -sL https://raw.githubusercontent.com/Xentrk/x3mRouting/master/Install_x3mRouting.sh)"

Are on version 2.0.0? The current menu version is v2.0.1. You should see an option 7 displayed on the menu you need to select to update the x3mMenu. Then, check for any other updates using option 5.
 
i'm on 2.0.0 but don't get option to update to 2.0.1
 
i'm on 2.0.0 but don't get option to update to 2.0.1
I gave you the wrong information. I'm working on the updates to x3mRouting for the 384.19 release so my version is newer. I did make a small change last month to the menu that did not result in a version change. amtm notices the update. If you see option 7 displayed, then an update is detected either due to file size differences or version change. Select option 7 to update the x3mMenu.

Also, regarding the NETFLIX rules, please perform some testing as follows to confirm all three rules are required. After implementing the rules, try accessing NETFLIX from devices assigned to each client to make sure you can bypass Netflix. Then, run the command below to see if traffic is traversing the iptables chain.

Code:
iptables -nvL PREROUTING -t mangle --line

You should see metrics as shown on the README.
 
Hi .. I'm fairly new to this and am stumbling at the first hurdle .... Is there a reason for this error? Thanks Tony
1596637818596.png
 
I am on 2.0, amtm shows minor update. but no option 7 in x3mMenu
Please download the menu using the command below and let me know if it still reports an update available in amtm.
Code:
sh -c "$(curl -sL https://raw.githubusercontent.com/Xentrk/x3mRouting/master/Install_x3mRouting.sh)"
 
Excellent thank you I now have it all installed now to work out how to use it .. Thank you again
There are some useful entware packages available. There are prior posts about the most useful entware packages on the forum.

x3mRouting uses entware for three purposes.
1. The entware package jq is required to process Amazon AWS json file containing IP addresses.
2. The entware directory /opt/tmp is used as the save/backup location for IPSET files that are used to load IPSET lists from.
3. Utilize the /opt/bin directory to create shortcut commands for x3mRouting.sh and x3mRouting_Menu.sh.

I'll add some better error handling if the entware not installed condition is encountered though.
 
Last edited:

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top