Joined: 18 Mar 2014
|Posted: Sat Oct 13, 2018 16:22 Post subject:
|We can provide better assistance if you would share with us your router, firmware and network setup (which you would have known if you bothered to read the forum rules)
I am not sure what you mean, you mention a DNS leak but are referring to a site to detect your IP address (IPv6).
If your IPv4 address is visible then the PBR is not working properly.
If your IPv6 is visible then disable IPv6
When using PBR then DNS queries are send over the WAN so you should set the 3 static DNS servers to Public servers from your VPN provider and Enable 'Query DNS in strict order' , although this is not a foolproof solution.
To be absolutely sure that your ISP's DNS server is not used, you have to use the no-resolv directive in DNSMasq options like:
server= 126.96.36.199 #level3
server= 188.8.131.52 #level3
Although then only servers you specify are used (and you should specify the public DNS servers from the OpenVPN provider) queries are still send over the WAN so theoretically could be intercepted.
So if you are a high level government target you should send the queries over the VPN, for that you need one of @Eibgrad's advanced scripts.
However you need a USB stick/disk for that attached to your router (the script is huge and not easy to setup)
Use ipleak.net to test
Routers: Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
Simple PBR (Policy Based Routing) script: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318662
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN server setup guide: