I upgraded a mates r7800 to build BS build 41813 from feb 2019 kong build and started a fresh, nvram erased so he can PBR.
Basically he lives in the UK and had everything going through his PIA VPN gateway on the r7800, (PIA don't support bbc iplayer) but his kids want to watch BBC iplayer from time to time.
The PBR routing is working a treat with local ip's but he has a stb emu installed on smart tv for some iffy iptv as well as the bbc iplayer app so i am unable route the tv ip through the none vpn gateway, so trying to force it to route any BBC ip via net_gateway as per egc tutorial (big thanks to egc for your guide by the way!)
i added "route 212.58.0.0 255.255.0.0 net_gateway #bbc"
in to the advanced config & rebooted but still seems to see it as vpn ip as it will not allow it to play.
Any ideas what i am doing wrong?
thanks
BBC is active blocking vpn just like Netflix.
It has been a long time ago that I could watch the bbc with PIA
Sometimes when PIA has a new server it works for some time but only if you also send your DNS query through the vpn and use an in private webrowser or clear browser cache and block webrtc
Hi egc
yes i am aware BBC does not work with PIA that is why i was trying to force it through the net_gateway not the vpn_gateway.
so his tv IP set in PBR to route via the vpn and i was trying to force bbc to route through none vpn gateway even though the ip is going through the vpn, it was my understanding that the "force" rule overrides the pbr?
Is this not the case or am i missing something? almost like split tunnelling on the tv so everything goes through the vpn apart from bbc
thanks mate
unable to get bbc iplayer ip range online had a search about but does not seem to be available, currently not got a linux machine for ipset, is there any windows program available?
tried tracert from cli but ip's dont seem to unblock it.
forced the dns through net_gateway just in case it was picking it up from that but no joy.
i have confirmed that the route commands are working with whatsmyip so it is simply down to the ip's of bbc iplayer
tried with domain also no joy
Watchdog script for VPN client
If you are using PBR the normal watchdog function of DDWRT is not working, you have to do your checking via the VPN tunnel.
This also applies if you have setup the OVPN client on a WAP.
Hey there. I found this script late last year and I thought I was running it for the past few months.
Last night I was troubleshooting the (in)stability of my OpenVPN connection and it turns out I wasn't running the script at all because my build (r41664) doesn't include a nohup command. So I deleted nohup and started the script and confirmed that the script process was running, etc.
Then, maybe 12 hours later, my router stopped assigning IP addresses in response to DHCP requests. Then the DHCP server went completely dead while the GUI, etc. continued to operate. After hard resetting, I was able to get things working again.
Is it possible that something (maybe the 'logger' commands) is filling up NVRAM and breaking the DHCP server or something else?
Apologies if this is a stupid question. I'll concede my ignorance and inexperience.
So it works - Proof of concept for you working also on WAP routers, and I leave it like it is!
The only thing what would be great for other dummy users like me, if you could achieve to include it in the Web GUI with two flags for restart and reboot.
I agree. For noobs (like me) it would be great if there is an option "auto reboot at disconnection" in the GUI.
Great PBR functionality in dd-wrt and thanks for you guides.
I played around with it a bit, maybe you can give me an advice and if this can be done and how to do it in the best way.
Basically I want all outgoing traffic to go via the vpn, however I need specific ports to specific local servers to be allowed to come in and connect to the server applications, finally I still want wireguard to work to be able to connect to the local network from the smartphone.
Code:
dd-wrt router with opevnpn set up as client
synology server 1 application 1 utilizing port 1 protocol tcp https, forward on firewall active via my own script
synology server 2 application 1 utilizing port 2 protocol tcp https, forward on firewall active via my own script
synology server 1 application 3 utilizing port 3 protocol tcp https, forward on firewall active via my own script
wireguard in dd-wrt tab tunnel configured to access all local network ips from outside, firewall settings handled by dd-wrt
I tried so far the following utilizing the mentioned script from https://pastebin.com/nC27ETsp.
However it seems I am missing something, when trying the wan ip via ddns name (https://myserver.no-ip.org:xxx1) it does not work.
The log says warning: ipset not supported, however I believe since not using sets this is ok.
Great PBR functionality in dd-wrt and thanks for you guides.
I played around with it a bit, maybe you can give me an advice and if this can be done and how to do it in the best way.
Basically I want all outgoing traffic to go via the vpn, however I need specific ports to specific local servers to be allowed to come in and connect to the server applications, finally I still want wireguard to work to be able to connect to the local network from the smartphone.
Code:
dd-wrt router with opevnpn set up as client
synology server 1 application 1 utilizing port 1 protocol tcp https, forward on firewall active via my own script
synology server 2 application 1 utilizing port 2 protocol tcp https, forward on firewall active via my own script
synology server 1 application 3 utilizing port 3 protocol tcp https, forward on firewall active via my own script
wireguard in dd-wrt tab tunnel configured to access all local network ips from outside, firewall settings handled by dd-wrt
I tried so far the following utilizing the mentioned script from https://pastebin.com/nC27ETsp.
However it seems I am missing something, when trying the wan ip via ddns name (https://myserver.no-ip.org:xxx1) it does not work.
The log says warning: ipset not supported, however I believe since not using sets this is ok.
Seems to me it would have been better to create your own thread concerning your specific problems since this thread (at least as I read it) is a broadly based description of how to implement PBR w/ dd-wrt.
Anyway, something to note when using my script when it comes to remote access. A common problem whenever a local device is bound to the VPN is that the device now becomes inaccessible over the WAN, since its replies are also routed over the VPN (rather than back over the WAN). My script *automatically* corrects for this problem; there is no need to add rules for these purposes. Any connections established inbound over the WAN (or VPN for that matter) are *marked* such that the replies are always forced back over the same network interface! Again, this happens *automatically*. Even if you never add any rules at all to the script, it will fix this problem.
That's one of many reasons why my script is far more sophisticated and feature-rich than what is offered in the GUI, or even by other third-party PBR scripts.