Policy Based Routing guide for DDWRT

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Goto page Previous  1, 2
Author Message
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 4813
Location: Netherlands

PostPosted: Wed Nov 06, 2019 17:56    Post subject: Reply with quote
boris03 wrote:
You are the man:-)

So it works - Proof of concept for you working also on WAP routers, and I leave it like it is!


The only thing what would be great for other dummy users like me, if you could achieve to include it in the Web GUI with two flags for restart and reboot.


Hmm, although not very difficult (I did look into it) we have this reasonable easy fix handy.

Everything you add counts and makes the code larger and we have to consider routers with low (flash) ram.
I am not the one in charge and the lead developer is understandably reluctant.
I still have a pending request (and I even have added the necessary code/patch Sad )

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
OpenVPN Policy Based Routing guide: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Sponsor
t81
DD-WRT Novice


Joined: 04 Nov 2015
Posts: 48

PostPosted: Mon Dec 30, 2019 19:03    Post subject: Reply with quote
Having recently started using PBR I stumbled upon a security threat that I believe anyone should be aware of. Check signature.

Many thanks to egc for the kind support.

_________________
Netgear R7800 - Firmware: DD-WRT v3.0-r41813 std (12/29/19)
OpenVPN PBR + Privoxy = IP EXPOSURE: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=322517&start=0
foz111
DD-WRT User


Joined: 01 Oct 2017
Posts: 243
Location: Earth

PostPosted: Thu Feb 13, 2020 17:18    Post subject: Reply with quote
I upgraded a mates r7800 to build BS build 41813 from feb 2019 kong build and started a fresh, nvram erased so he can PBR.
Basically he lives in the UK and had everything going through his PIA VPN gateway on the r7800, (PIA don't support bbc iplayer) but his kids want to watch BBC iplayer from time to time.
The PBR routing is working a treat with local ip's but he has a stb emu installed on smart tv for some iffy iptv as well as the bbc iplayer app so i am unable route the tv ip through the none vpn gateway, so trying to force it to route any BBC ip via net_gateway as per egc tutorial (big thanks to egc for your guide by the way!)
i added "route 212.58.0.0 255.255.0.0 net_gateway #bbc"
in to the advanced config & rebooted but still seems to see it as vpn ip as it will not allow it to play.
Any ideas what i am doing wrong?
thanks
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 4813
Location: Netherlands

PostPosted: Fri Feb 14, 2020 11:11    Post subject: Reply with quote
BBC is active blocking vpn just like Netflix.
It has been a long time ago that I could watch the bbc with PIA

Sometimes when PIA has a new server it works for some time but only if you also send your DNS query through the vpn and use an in private webrowser or clear browser cache and block webrtc

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
OpenVPN Policy Based Routing guide: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
foz111
DD-WRT User


Joined: 01 Oct 2017
Posts: 243
Location: Earth

PostPosted: Fri Feb 14, 2020 11:40    Post subject: Reply with quote
egc wrote:
BBC is active blocking vpn just like Netflix.
It has been a long time ago that I could watch the bbc with PIA

Sometimes when PIA has a new server it works for some time but only if you also send your DNS query through the vpn and use an in private webrowser or clear browser cache and block webrtc


Hi egc

yes i am aware BBC does not work with PIA that is why i was trying to force it through the net_gateway not the vpn_gateway.
so his tv IP set in PBR to route via the vpn and i was trying to force bbc to route through none vpn gateway even though the ip is going through the vpn, it was my understanding that the "force" rule overrides the pbr?
Is this not the case or am i missing something? almost like split tunnelling on the tv so everything goes through the vpn apart from bbc
thanks mate
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 4813
Location: Netherlands

PostPosted: Fri Feb 14, 2020 15:26    Post subject: Reply with quote
You are right but the bbc uses many ip addresses you probably need ipset to get them all or search the internet for the range of IP addresses
_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
OpenVPN Policy Based Routing guide: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
foz111
DD-WRT User


Joined: 01 Oct 2017
Posts: 243
Location: Earth

PostPosted: Fri Feb 14, 2020 18:32    Post subject: Reply with quote
unable to get bbc iplayer ip range online had a search about but does not seem to be available, currently not got a linux machine for ipset, is there any windows program available?
tried tracert from cli but ip's dont seem to unblock it.
forced the dns through net_gateway just in case it was picking it up from that but no joy.
i have confirmed that the route commands are working with whatsmyip so it is simply down to the ip's of bbc iplayer
tried with domain also no joy
Goto page Previous  1, 2 Display posts from previous:    Page 2 of 2
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum