securedparty DD-WRT Novice
Joined: 07 Dec 2017 Posts: 22
Posted: Thu Dec 07, 2017 16:20 Post subject: OpenVPN and single port bypass
I have been trying to figure out a single port bypass mechanism to run in Firewall commands, but nothing I have tried seems to work.
Here is what I have tried most recently:
Code:
iptables -t nat -I PREROUTING -i tun0 -p tcp --dport 3232 -j DNAT --to-destination 10.10.1.32
iptables -t nat -I PREROUTING -i tun0 -p tcp --dport 3333 -j DNAT --to-destination 10.10.1.32
I am trying to get LAN IP 10.10.1.32 to receive incoming traffic via ports tcp 3232 and 3333 from over my WAN/ISP address.
I am running OpenVPN through DD-WRT with Firmware: DD-WRT v3.0-r33615M kongac (10/31/17).
My ISP provided address is not a static IP address, but for the sake of example, how would I get traffic passed to my ISP, not my VPN service, on port 3232 if my ISP provided IP address was 88.88.88.88?
I've been struggling off and on for a few months, searching every so often for something I can translate into something useful and usable.
I have used iptables for whole IP addresses using my WAN ISP instead of VPN IP, which works. However, I just need one specific computer on my home network to receive this incoming tcp port outside of the VPN.
The code I have used for whole machines:
Code:
# Clear any previous contents of routing table 200
ip route flush table 200
ip route del default table 200
sleep 1
ip route flush cache
sleep 1
# Source IPs that should bypass the VPN
nvram set no_vpn_lst="10.10.1.192 10.10.1.16"
nvram commit
sleep 1
#!/bin/sh
NO_VPN_LST=`nvram get no_vpn_lst`
[ -z "$NO_VPN_LST" ] && exit 0
sleep 3
# WAN_GWAY="0.0.0.0"
# while [ $WAN_GWAY == "0.0.0.0" ]; do
# sleep 3
# WAN_GWAY=`nvram get wan_gateway`
# done
# Default route for table 200 goes via the WAN (ISP) gateway
ip route add default via $(nvram get wan_gateway) table 200
# Send traffic from each listed source IP through table 200
for ipa in $NO_VPN_LST; do
    ip rule add from $ipa table 200
done
ip route flush cache
exit 0
With OpenVPN client turned off, traffic routes just fine with WAN IP and the ports 3232 and 3333.
Any suggestions?