Need a custom script to fix flaw in ddwrt, will pay $$$

DDWRTaway
DD-WRT Novice


Joined: 14 Feb 2017
Posts: 9

Posted: Wed Apr 14, 2021 18:49    Post subject: Need a custom script to fix flaw in ddwrt, will pay $$$
I need a script/settings solution that will check if the connection is working and, if not, after 30 seconds will automatically issue the commands below. I'm not looking for a prewritten script/hack that *might* help me, just the code equivalent of the button commands I send manually through the ddwrt panel.

I can pay crypto upon delivery of a working solution. It's very frustrating to run through those commands multiple times a day, so it would be greatly appreciated if anyone can help.

Problem: I have OpenVPN enabled with this firewall script to prevent VPN bypass:

Code:

iptables -I FORWARD -i br0 -o `nvram get wan_iface` -j DROP


My ISP changes my IP frequently, causing the connection to drop, resulting in no internet. For whatever reason ddwrt devs never considered VPN users don't want them to drop exposing their connection and may also have dynamic IPs.

Resolution:

* Status->WAN->DHCP renew
* Service->VPN->OpenVPN disable, apply
* Service->VPN->OpenVPN enable, apply
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12888
Location: Netherlands

Posted: Wed Apr 14, 2021 19:02
What router, what build number?
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14221
Location: Texas, USA

Posted: Wed Apr 14, 2021 19:12
Since you failed to respond and restore the other thread, it was deleted. Here are quoted posts of advice given from it for posterity:

eibgrad wrote:
Perhaps not ideal, but there is a watchdog feature that will reboot the router automatically if it doesn't get a response from the specified IP(s) within the specified period.

Administration->Keepalive->WDS/Connection Watchdog

Better than having to babysit the failure and handle it manually.


eibgrad wrote:
P.S. Found the following in the dd-wrt wiki.

https://wiki.dd-wrt.com/wiki/index.php/Useful_Scripts#Automatic_Connection_Repair

Have no idea how well it works (some of those scripts are *very* old), but combined w/ my own openvpn watchdog script (see my signature), it may do the job.


egc wrote:
The connection watchdog (Administration/Management/WDS Connection Watchdog) needs an IP address to poll; most of us use 8.8.8.8 (that is Google).


-----

It seems you didn't read this post in yet another thread:

https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1234591#1234591

Do not cross-post in the future. If you have any questions, please refer to the forum rules and guidelines. Thank you.

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14221
Location: Texas, USA

Posted: Thu Apr 15, 2021 16:28
FWIW, a killswitch should exist in the webUI in a future release: https://svn.dd-wrt.com/changeset/46340
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 9157

Posted: Thu Apr 15, 2021 17:54
I can't literally make the OpenVPN client hit the Apply button for disable/enable, but I can renew the DHCP lease after a 30 second check for a lack of connectivity, then force a restart of the OpenVPN client (effectively the same as disabling and reenabling). Would require a few minor modifications to my OpenVPN watchdog script.
_________________
ddwrt-ovpn-split-basic.sh (UPDATED!) * ddwrt-ovpn-split-advanced.sh (UPDATED!) * ddwrt-ovpn-client-killswitch.sh * ddwrt-ovpn-client-watchdog.sh * ddwrt-ovpn-remote-access.sh * ddwrt-ovpn-client-backup.sh * ddwrt-mount-usb-drives.sh * ddwrt-blacklist-domains.sh * ddwrt-wol-port-forward.sh * ddwrt-dns-monitor.sh (NEW!)
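
The check-then-repair loop described in the post above, as an added example; it is not eibgrad's watchdog script or code from any poster in this thread. Assumptions: the tunnel interface name `tun1`, the `udhcpc` pid-file path, the `stopservice`/`startservice` helpers, BusyBox `ping` with `-I`/`-W`, and all function and variable names.

```shell
#!/bin/sh
# Added example: connectivity watchdog for a DD-WRT OpenVPN client.
# Paths, interface name and service helpers below are assumptions;
# verify them on your build before use.
PROBE_IP="${PROBE_IP:-8.8.8.8}"     # address to poll, as suggested in the thread
TUN_IF="${TUN_IF:-tun1}"            # assumed OpenVPN client interface
GRACE="${GRACE:-30}"                # seconds of failure tolerated before repair
UDHCPC_PID="${UDHCPC_PID:-/var/run/udhcpc.pid}"
down_since=0                        # epoch of first failed probe, 0 = link up

# Probe through the tunnel. The kill-switch rule sits in FORWARD and does not
# filter the router's own pings, so an unbound ping could succeed over the
# bare WAN and hide a dead tunnel.
probe() { ping -I "$TUN_IF" -c 1 -W 5 "$PROBE_IP" >/dev/null 2>&1; }

# Equivalent of Status->WAN->DHCP renew: udhcpc renews its lease on SIGUSR1.
renew_dhcp() { [ ! -r "$UDHCPC_PID" ] || kill -USR1 "$(cat "$UDHCPC_PID")"; }

# Equivalent of disabling and re-enabling the OpenVPN client.
restart_vpn() { stopservice openvpn; sleep 2; startservice openvpn; }

# One watchdog iteration. $1 = current time in epoch seconds.
# Returns 0 if the link is up or still inside the grace period,
# 1 if a repair was triggered.
watchdog_step() {
    now="$1"
    if probe; then
        down_since=0
        return 0
    fi
    [ "$down_since" -eq 0 ] && down_since="$now"
    if [ $((now - down_since)) -ge "$GRACE" ]; then
        renew_dhcp
        restart_vpn
        down_since=0        # fresh grace period while the tunnel comes back
        return 1
    fi
    return 0
}

# Main loop. The FORWARD DROP rule is never touched, so LAN clients stay
# blocked from the WAN for the whole time the tunnel is being rebuilt.
watchdog_loop() {
    while :; do
        watchdog_step "$(date +%s)" || logger -t vpn-watchdog "repair triggered"
        sleep 10
    done
}

case "${1:-}" in run) watchdog_loop ;; esac
```

Started with `run` as its first argument (for example from the startup script, in the background), it polls every 10 seconds; without that argument it only defines the functions.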
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6437
Location: UK, London, just across the river..

Posted: Thu Apr 15, 2021 19:22
kernel-panic69 wrote:
FWIW, a killswitch should exist in the webUI in a future release: https://svn.dd-wrt.com/changeset/46340


I wonder why BS uses DROP instead of REJECT

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12888
Location: Netherlands

Posted: Thu Apr 15, 2021 19:36
Alozaros wrote:
kernel-panic69 wrote:
FWIW, a killswitch should exist in the webUI in a future release: https://svn.dd-wrt.com/changeset/46340


I wonder why BS uses DROP instead of REJECT


The firewall supports logreject but that only worked for TCP so I had to use logdrop.
