Hello, I've setup following rules on my openwrt in firewall custom script
ip rule del fwmark 1
ip route add local 0.0.0.0/0 dev lo table 100
ip rule add fwmark 1 table 100
ip -6 rule del fwmark 1
ip -6 route add local default dev lo table 100
ip -6 rule add fwmark 1 lookup 100
but seems these rules got lost sometimes (maybe due to my pppoe reconnect) . https://openwrt.org/docs/guide-user/network/ip_rules suggested that I can write these command into openwrt config , but I'm totally unfamiliar with semantic of these command, how could I translate these commands into config ? by the way is it possible to view the 'translated ip invoking command line' in openwrt , so I can better understood the result of config translate process? (these translation can be found in openwrt source code, but I wonder if there is a quick way to view the final invoking command line)
Currently my command is written in firewall.user so I think it should be already included by firewall.
does openwrt always re-apply firewall script on PPPoe reconnection? and is it safe to maintain ip rule in firewall script ? I mean sometimes I found ip rule lost , likes that openwrt maintain/flush ip rules without re-apply firewall script (I'm not sure about this).
my iptables (command result) in firewall.user always consist, but ip rule not always consist, that's why I have ip rule del first(I don't need to do this for iptables since before firewall script applied, openwrt already reflushed iptables rules). plus , I'd like to know how to write this as openwrt builtin support format, for better maintenance.
uci add network rule
uci set network.@rule[-1].lookup='100'
uci set network.@rule[-1].mark='0x1'
uci add network route
uci set network.@route[-1].interface=lan
uci set network.@route[-1].target='0.0.0.0'
uci set network.@route[-1].netmask='0.0.0.0'
uci set network.@route[-1].type='unreachable'
uci set network.@route[-1].table='100'