Disabling WireGuard interface cuts off internet

I tried disabling PBR.

un minimo di contesto ...

# Bring the tunnel down, then test reachability and the path taken without it.
# NOTE(review): on OpenWrt, ifdown takes the logical interface name from
# /etc/config/network; the config posted later in this thread names the
# interface 'Wireguard', so confirm that 'wg0' matches an interface here.
ifdown wg0
# Send five echo requests to a public address.
ping -c 5 8.8.8.8
# -n prints numeric hop addresses instead of resolving names.
traceroute -n 8.8.8.8

check main thread

  • Then what are your configs - can you show them?
  • Are you willing to provide more details?
  • Describe how you disabled Wireguard

(Come promemoria, si prega di astenersi dal modificare i vecchi post per trasmettere un nuovo contesto, è fonte di confusione.)

As a reminder:

As a reminder, please refrain from editing old posts to convey new context, it's confusing.


Which ?

please link ...


RSHARM means they edited post no. 1 instead of putting the new information in a new post.

This is the confusion I was referring to.

(Questa è la confusione a cui mi riferivo.)


Then what are your configs - can you show them?

Are you willing to provide more details?

Yes

Describe how you disabled Wireguard

Please use:

# Print the network and policy-based-routing (pbr) configuration files.
# Blank out private_key values before pasting the output into a public post.
cat /etc/config/network
cat /etc/config/pbr

Please provide the details at this time.

Si prega di fornire i dettagli in questo momento.

Please use words in the future to describe pictures.

Si prega di utilizzare le parole in futuro per descrivere le immagini.

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix '::::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        option macaddr ''
        option ipv6 '0'

config device
        option name 'eth0'
        option macaddr ''

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option ip6assign '60'
        option netmask '255.255.255.240'
        list dns '127.0.0.1'

config interface 'Guest'
        option proto 'static'
        option netmask '255.255.255.248'
        option ipaddr '10.10.10.1'
        list dns '127.0.0.1'
        option device 'br-guest'

config device
        option type 'bridge'
        option name 'br-guest'
        option bridge_empty '1'
        option macaddr ''

config device
        option name 'wan'
        option macaddr ''

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'
        option hostname '*'
        option peerdns '0'
        list dns '127.0.0.1'
        option gateway 'WAN_GATEWAY'

config interface 'wan6'
        option device 'wan'
        option proto 'dhcpv6'
        option reqprefix 'auto'
        option peerdns '0'
        list dns '0::1'
        option reqaddress 'try'
        option auto '0'

config interface 'Wireguard'
        option proto 'wireguard'
        list addresses '10.2.0.2/32'
        list dns '127.0.0.1'
        list dns '10.2.0.1'
        option private_key ''

config wireguard_Wireguard
        list allowed_ips '0.0.0.0/0'
        option route_allowed_ips '1'
        option persistent_keepalive '25'
        option description ''
        option public_key ''
        option private_key ''
        option endpoint_host '169.150.196.77'

config device
        option name 'lan3'
        option macaddr ''

config device
        option name 'lan4'
        option macaddr ''

config device
        option name 'lan1'
        option macaddr ''

config device
        option name 'lan2'
        option macaddr ''

config device
        option name 'ifb-dns'
        option macaddr ''

config interface 'Private'
        option proto 'static'
        option ipaddr '192.168.2.1'
        option device 'br-private'
        option netmask '255.255.255.240'
        list dns '127.0.0.1'

config device
        option type 'bridge'
        option name 'br-private'
        option macaddr ''

config wireguard_Wireguard
        option description ''
        option public_key ''
        option private_key ''
        list allowed_ips '0.0.0.0/0'
        option route_allowed_ips '1'
        option endpoint_host ''
        option persistent_keepalive '25'
        option disabled '1'

config wireguard_Wireguard
        option description ''
        option public_key ''
        option private_key ''
        list allowed_ips '0.0.0.0/0'
        option endpoint_host ''
        option persistent_keepalive '25'
        option route_allowed_ips '1'
        option disabled '1'
root@OpenWrt:~# cat /etc/config/pbr

config pbr 'config'
        option verbosity '2'
        option resolver_set 'none'
        list ignored_interface 'vpnserver'
        list ignored_interface 'wgserver'
        option boot_timeout '30'
        option rule_create_option 'add'
        option procd_reload_delay '1'
        option webui_show_ignore_target '0'
        list webui_supported_protocol 'all'
        list webui_supported_protocol 'tcp'
        list webui_supported_protocol 'udp'
        list webui_supported_protocol 'tcp udp'
        list webui_supported_protocol 'icmp'
        option ipv6_enabled '0'
        option strict_enforcement '0'
        option enabled '1'

config include
        option path '/usr/share/pbr/pbr.user.aws'
        option enabled '0'

config include
        option path '/usr/share/pbr/pbr.user.netflix'
        option enabled '0'

config policy
        option name 'Plex/Emby Local Server'
        option interface 'wan'
        option src_port '8096 8920 32400'
        option enabled '0'

config policy
        option name 'Plex/Emby Remote Servers'
        option interface 'wan'
        option dest_addr 'plex.tv my.plexapp.com emby.media app.emby.media tv.emby.media'
        option enabled '0'

config policy
        option name 'WireGuard Server'
        option interface 'wan'
        option src_port '51820'
        option chain 'output'
        option proto 'udp'
        option enabled '0'

config policy
        option dest_addr 'www.google.com'
        option name 'Website - google'
        option interface 'Wireguard'

config policy
        option src_addr '10.10.10.1/29'
        option interface 'Wireguard'
        option name 'Zone - Guest'

config policy
        option src_addr '192.168.1.6'
        option interface 'wan'
        option name ''

config policy
        option src_addr '192.168.1.4'
        option name ''
        option interface 'wan'

config policy
        option name ''
        option src_addr ''
        option interface 'Wireguard'
        option enabled '0'

config policy
        option dest_addr ''
        option interface 'wan'
        option name 'Website - ''
        option enabled '0'

config policy
        option src_addr ''
        option name 'TV'
        option interface 'wan'

config policy
        option name 'DNS'
        option dest_port '53'
        option interface 'Wireguard'

config policy
        option dest_port '853'
        option name 'DoT'
        option interface 'Wireguard'

config policy
        option name 'VoWiFi'
        option dest_port '500 4500'
        option proto 'udp'
        option interface 'Wireguard'

config policy
        option name 'VoWiFi'
        option dest_port '143'
        option proto 'tcp'
        option interface 'Wireguard'

config policy
        option name 'WhatsApp'
        option dest_port '4244 5222 5223 5228 5242 50318 59234 3478 45395'
        option interface 'Wireguard'
        option src_addr ''

config policy
        option name ''
        option src_addr ''
        option interface 'Wireguard'
        option enabled '0'

config policy
        option src_addr '192.168.2.1/28'
        option name 'Zone - Private'
        option interface 'wan'

config policy
        option name 'LAN All Other'
        option src_addr '192.168.1.1/28'
        option interface 'wan'

config include
        option path '/usr/share/pbr/pbr.user.facebook1AS32934'
        option enabled '1'

config include
        option path '/usr/share/pbr/pbr.user.facebook2AS63293'
        option enabled '0'

config include
        option path '/usr/share/pbr/pbr.user.google'
        option enabled '0'

config include
        option path '/usr/share/pbr/pbr.user.googleAS15169_IPList'
        option enabled '0'

?

You sure you disabled things?

Please provide the output of:

# Ask the kernel which route it would pick for 8.8.8.8 from the LAN address
# (192.168.1.1) and the Guest address (10.10.10.1) configured on this router.
# NOTE(review): a plain lookup like this carries no firewall mark, so it may
# not reflect policies that steer traffic by mark; confirm how pbr selects traffic.
ip route get 8.8.8.8 from 192.168.1.1
ip route get 8.8.8.8 from 10.10.10.1
root@OpenWrt:~# ip route get 8.8.8.8 from 192.168.1.1
8.8.8.8 from 192.168.1.1 dev Wireguard uid 0
    cache
root@OpenWrt:~# ip route get 8.8.8.8 from 10.10.10.1
8.8.8.8 from 10.10.10.1 dev Wireguard uid 0
    cache

As you can see, you are still routing traffic to the Wireguard interface.

Come puoi vedere, stai ancora instradando il traffico verso l'interfaccia Wireguard.

You will need to fix this to route traffic to the intended egress interface.

Dovrai correggere questo problema per il traffico verso l'interfaccia di uscita prevista.


How to fix it ?

But googling my IP shows ISP IP not VPN IP

The same way you set up Wireguard - configure PBR to use the interface you desire.

Allo stesso modo in cui imposti Wireguard: configura PBR per utilizzare l'interfaccia che desideri.

Please explain how you successfully used the Internet with your issue.

Spiega come hai utilizzato con successo Internet con il tuo problema.


The same way you setup Wireguard - configure PBR to use the interface you desire.

What is wrong with my PBR config

Please explain how you successfully used the Internet with your issue.

With PBR and Wireguard enabled, the internet works.

That is the router's own output, which is not set in PBR and by default goes through the VPN.

To be clear, you stated that you have nothing set. As you know traffic works by default in OpenWrt. What do you need assistance with?

Per essere chiari, hai affermato di non avere nulla di impostato. Come sai il traffico funziona di default in OpenWrt. Per cosa hai bisogno di assistenza?

It's confusing and difficult to assist when things change.

È confuso e difficile assistere quando le cose cambiano.