DD-wrt, everything thru VPN accept Netflix

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Goto page Previous  1, 2, 3, 4, 5, 6
Author Message
Deviling Master
DD-WRT Novice


Joined: 04 May 2018
Posts: 7

PostPosted: Thu May 31, 2018 16:53    Post subject: Reply with quote
I've read through this thread but I'm not sure which solution really works now? Can someone post the final working solution again please?

I need to specify that a specific domain should no be routed under VPN. All the other traffic remains routed under VPN.

I already tried: https://pastebin.com/D96qMp5k
I already tried: https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1014263

but no luck so far.

Thanks
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Thu May 31, 2018 18:22    Post subject: Reply with quote
Deviling Master wrote:
I've read through this thread but I'm not sure which solution really works now? Can someone post the final working solution again please?

I need to specify that a specific domain should no be routed under VPN. All the other traffic remains routed under VPN.

I already tried: https://pastebin.com/D96qMp5k
I already tried: https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1014263

but no luck so far.

Thanks


There have been several approaches, and I'm not sure any of them in this thread, or even script in that link, have proven to be 100% reliable or work for everyone.

That said, I suspect the only approach that has a hope of being nearly bulletproof is a solution based on ipset. But as been mentioned numerous times on the dd-wrt forums, ipset (even though it's been around a long time) has never been supported by dd-wrt. And that makes solving this type of problem very difficult. Every other approach ends up being a kludge.

That's why, at the request of another dd-wrt member (tdx79), I created a variant of my advanced PBR script based on ipset.

https://forum.dd-wrt.com/forum/viewtopic.php?p=1121441

The discussion takes place on the last couple of pages.

Although dd-wrt still doesn't support ipset, another dd-wrt member (James MacWhite, don't remember his forum name) has compiled the necessary modules to implement ipset in dd-wrt, at least for ARM based routers.

https://github.com/jamesmacwhite/ipset-netgear-r7000-dd-wrt/wiki/Using-ipset-with-dnsmasq-and-iptables

So I created a variant of my script that looks for the necessary ipset components, and if found and configured properly, will use it.

https://pastebin.com/9rQTDgz1

While it's only been used by a few ppl (hit count is currently 100), I haven't heard any complaints or issues since releasing it. I assume it's working fine.

Again, it's only an ARM solution at the moment, not MIPS. And not necessarily because of my script, but that's the only modules known to be available. I assume if someone had the desire and skill, the same could be done for MIPS routers as well.
Deviling Master
DD-WRT Novice


Joined: 04 May 2018
Posts: 7

PostPosted: Thu May 31, 2018 18:28    Post subject: Reply with quote
Thank you eibgrad.

After several tries, while I was waiting a reply here, I think I found a working configuration:
Quote:
SCRIPT_DIR="/tmp/etc/config"
SCRIPT="$SCRIPT_DIR/add-routes.wanup"
mkdir -p $SCRIPT_DIR

cat << "EOF" > $SCRIPT
#!/bin/sh

# dd-wrt selective domain routing
WAN_GW="$(nvram get wan_gateway)"

# list domains for selective routing
for domain in \
"in.alice.it" \
"whatsmyip.org"
do
# extract ip addresses
for ip in $(nslookup $domain | awk '/^Name:/,0{if (/^Addr/)print $3}'); do
# add class c route for each ip address to wan gateway
ip route add `echo $ip | cut -d . -f 1,2`.0.0/16 via $WAN_GW
done
done

# flush cache
ip route flush cache
EOF

chmod +x $SCRIPT
sleep 60
$SCRIPT


The configured domain is related to an IMAP server which allows connection only from the ISP connection itself and not other sources (this is very uncomfortable and bad...). This is why I need to exclude this particular domain from VPN.

As IMAP server, I tried manually with "telnet in.alice.it 143" and server replies fine, so I think the provided script is working fine (configured as STARTUP SCRIPT).

My router is NETGEAR WNDR3700 with DD-WRT v3.0-r36006 std (05/23/18 )
JNehru
DD-WRT Novice


Joined: 31 Aug 2018
Posts: 8

PostPosted: Mon Nov 19, 2018 14:35    Post subject: Reply with quote
It is difficult to do coding for an average user like me. I prefer a Netflix VPN which enables me to mask all the Netflix traffic through an encrypted tunnel. I prefer this method over the coding version you guys mentioned above.
Moose
DD-WRT Novice


Joined: 03 May 2008
Posts: 4

PostPosted: Tue Feb 12, 2019 1:25    Post subject: Reply with quote
dahosepipe,

I just installed your dd-wrt-startup-script today and it worked great with my VPN and opened up Netflix but my Amazon Prime Videos are still blocked. Is there a way that I can find the URLs that Amazon is using to steam their videos to my location so I can add those URLs to your script.

Thank you for your help.

mOOse
Goto page Previous  1, 2, 3, 4, 5, 6 Display posts from previous:    Page 6 of 6
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum