How to elegantly add a manually created interface to WAN zone?


On OpenWrt I manually run openconnect and create a tunnel named "vpn-vpn". IP/route has been taken care of. What's the best way to add this interface to WAN zone?

  • Does ifconfig list the interface name in its output?
  • Does the interface appear as an interface in LuCI?

If you create the tunnel manually, follow the common way for unmanaged protocols:

Yes to ifconfig and no to LuCI.

Is this still applicable?

uci del_list firewall.wan.device="tun+"
uci add_list firewall.wan.device="tun+"

I can only see this line in OpenWrt 22:

firewall.@zone[1].network='wan' 'vpn'

Yes, it works:

uci add_list firewall.@zone[1].device="dev_name"

Nice, it works!

I wasn't sure about "network" vs "device" and thank you for confirming.

Found it documented here:
[OpenWrt Wiki] Firewall configuration /etc/config/firewall
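
Added example, not part of the thread: `@zone[1]` is a positional index, so on a router whose zones are ordered differently the same command would put the tunnel into another zone and give it that zone's policy. This sketch looks the zone up by name and adds the device only once; the zone name `wan`, the device `vpn-vpn` (from the first post) and the script name are assumptions.

```sh
#!/bin/sh
# Added example (not from the thread). Assumed names: zone "wan", device "vpn-vpn".

# Print the index N of the firewall zone whose name is $1, so it can be
# addressed as firewall.@zone[N]. Returns 1 if no zone has that name.
zone_index() {
    i=0
    while name=$(uci -q get "firewall.@zone[$i].name"); do
        if [ "$name" = "$1" ]; then
            echo "$i"
            return 0
        fi
        i=$((i + 1))
    done
    return 1
}

# Succeed if zone index $1 already lists device $2.
# "uci get" prints a list option as space-separated values on one line.
zone_has_device() {
    for d in $(uci -q get "firewall.@zone[$1].device"); do
        if [ "$d" = "$2" ]; then
            return 0
        fi
    done
    return 1
}

# Add device $2 to the zone named $1; no-op if it is already there.
add_device_to_zone() {
    idx=$(zone_index "$1") || { echo "zone '$1' not found" >&2; return 1; }
    if zone_has_device "$idx" "$2"; then
        return 0
    fi
    uci add_list "firewall.@zone[$idx].device=$2" && uci commit firewall
}

# Apply only when asked: sh add-vpn-to-wan.sh apply   (script name is made up)
if [ "${1:-}" = "apply" ]; then
    add_device_to_zone wan vpn-vpn && /etc/init.d/firewall reload
fi
```

Afterwards `uci show firewall` should list the device on the zone that carries `name='wan'`.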

