How to turn off openvpn route for router?

You need to identify it though, because if it is transmission, then it's working fine.

Ok.

Could you help me find a way to identify it, because it is most likely transmission.

Problem is,
while transmission is actively trying to download,
it doesn't actually download,
I chose a torrent that has a lot of seeders so that it can work seamlessly,
and all other traffic to internet gets blocked by the openvpn client,
i.e. I cannot open a random website,
it seems as if the openvpn client,
since it blocks P2P traffic,
suspends the connection until I pause transmission,
then the internet is restored.

thank you

Edit
For example I cannot even post here till I pause transmission
however,
if I stop openvpn,
and start the transmission,
the torrent downloads within seconds

I goofed up.
Yesterday, while I was trying to get transmission to work with user 'transmission', while trying everything I ran chown -R transmission:transmission /overlay, so many things got the user '224', which I allowed to bypass openvpn :confused: so it could be anything that is using that port.

Sorry for the confusion, I'll do a fresh install tomorrow and report back!

Thank you kind Sir


netstat -anp | grep 51820


I did a fresh install.

The good news is while transmission is trying to download, the rest of normal traffic isn't getting choked.

Some progress, I guess.

Bad news is transmission still isn't downloading.

tcpdump - https://ufile.io/dc6eflcs

Edit

root@OpenWrt:~# netstat -anp | grep 58766
udp        0      0 0.0.0.0:58766           0.0.0.0:*                           2234/openvpn

Edit

tcpdump - https://ufile.io/icpjvg45

root@OpenWrt:~# netstat -anp | grep 55284
udp        0      0 0.0.0.0:55284           0.0.0.0:*                           4495/openvpn

Thank you

But this is not the port that transmission is using. You are matching the port of OpenVPN.

doesn't seem to be showing anything :confused:

tcpdump - https://ufile.io/ue6vq8o1

root@OpenWrt:~# netstat -anp | grep 4569
root@OpenWrt:~# netstat -anp | grep 4569
root@OpenWrt:~# netstat -anp | grep 4569
root@OpenWrt:~#

What is the output of netstat -anp | grep transm ?

tcpdump - https://ufile.io/b85hkunp

root@OpenWrt:~# netstat -anp | grep 55284
udp        0      0 0.0.0.0:55284           0.0.0.0:*                           4495/openvpn
root@OpenWrt:~# netstat -anp | grep 4569
root@OpenWrt:~# netstat -anp | grep 4569
root@OpenWrt:~# netstat -anp | grep 4569
root@OpenWrt:~# netstat -anp | grep transm
tcp        0      0 0.0.0.0:51413           0.0.0.0:*               LISTEN      3171/transmission-d
tcp        0      0 0.0.0.0:9091            0.0.0.0:*               LISTEN      3171/transmission-d
tcp        0      0 192.168.1.1:9091        192.168.1.113:55126     ESTABLISHED 3171/transmission-d
tcp        0      0 :::51413                :::*                    LISTEN      3171/transmission-d
udp        0      0 0.0.0.0:48039           0.0.0.0:*                           3171/transmission-d
udp        0      0 0.0.0.0:51413           0.0.0.0:*                           3171/transmission-d
udp        0      0 0.0.0.0:44671           0.0.0.0:*                           3171/transmission-d
udp        0      0 :::39075                :::*                                3171/transmission-d
unix  3      [ ]         STREAM     CONNECTED       4754 3171/transmission-d 
unix  3      [ ]         STREAM     CONNECTED       4755 3171/transmission-d 
root@OpenWrt:~#

Thanks.

Edit
The user 'transmission' with uid '224'
gets trimmed to 'transm'
do you feel maybe that's why specifying the uid
in the config below,
is not working

config rule
	option lookup '100'
	option uidrange '224'

config route
	option metric '200'
	option table '100'
	option gateway '192.168.0.1'
	option interface 'wan'
	option target '0.0.0.0'
	option netmask '0.0.0.0'

Looking at the posted configuration, the correct logical interface name should be wwan and not wan.
This is (most likely) why routing table 100 is empty.

This doesn't look right either (the uidrange selector is missing).

Comment out the ip rule/route in /etc/config/network and create them manually

ip route add default via 192.168.0.1 table 100
ip rule add uidrange 224-224 table 100 prio 1

If it starts working as expected, find the correct uci syntax.

If it still doesn't work, I would start thinking about the opposite approach - disable the default route via vpn for the router itself and create an ip rule/route for the LAN clients to use the vpn service.


This worked, Thank you, however there was a funny byproduct, transmission upstream webui (http://192.168.1.1:9091/transmission/web/) does not load, downloads continue in the background without transmission upstream webui loading.

Once I change the target to 0.0.0.0/32, transmission upstream webui loads but downloads stop.

I'm sure it is some other related issue like transmission whitelist or something but I don't know why, if you could please shed some light on what could possibly be the cause, thank you

Manually added as below
config route
        option table '100'
        option interface 'wwan'
        option gateway '192.168.0.1'
        option target '0.0.0.0/0'

config rule
        option lookup '100'
        option uidrange '224-224'
        option priority '1'

Try adding this:

config route
	option table '100'
	option interface 'lan'
	option target '192.168.1.0'
	option netmask '255.255.255.0'

Also, transmission is using port 51413.


Sorry for misleading you, I edited the previous post, it is transmission upstream webui (http://192.168.1.1:9091/transmission/web/) that is not working, I'm not trying to reach transmission webui remotely via 51413 and I didn't mean 'luci-app-transmission'

Thank you

Edit
Also, when I manually create a route, via luci
a subnet is required. option target '0.0.0.0/0'

I just don't quite understand while everything works as expected, why the transmission upstream webui (http://192.168.1.1:9091/transmission/web/) does not

config route
        option table '100'
        option interface 'wwan'
        option gateway '192.168.0.1'
        option target '0.0.0.0/0'

config rule
        option lookup '100'
        option uidrange '224-224'
        option priority '1'

I tried
config route
        option table '100'
        option gateway '192.168.0.1'
        option interface 'wwan'
        option target '0.0.0.0/0'

config rule
        option lookup '100'
        option uidrange '224-224'
        option priority '1'

config route
        option interface 'lan'
        option table '100'
        option target '192.168.1.0/32'

Didn't work :confused: to load transmission upstream webui (http://192.168.1.1:9091/transmission/web/)

Edit
Just to be clear, it partially loads, i.e. the transmission upstream webui html loads, the torrent information and resume which has user 'transmission' (

chown -R transmission:transmission /overlay/samba/downloads/temp
chown -R transmission:transmission /overlay/samba/trans/
chown -R transmission:transmission /overlay/samba/trans/resume
chown -R transmission:transmission /overlay/samba/trans/torrents

) does not load
So, I guess that needs to be routed back to local network, like you suggested, but it does not happen :confused:

I understood that. I mentioned port 51413 because in the previous netstat outputs you kept trying to find the port transmission is using to connect to other peers.

The netmask is wrong, should be /24.


@trendy Thank you so much! Sincerely appreciate your help :slight_smile:

@pavelgl Thank you! :pray:
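
Added example (not written by any poster in this thread): a small Python model of the rule and table lookup discussed above, showing why replies from the uid-224 web UI socket to the LAN client 192.168.1.113 leave via wwan until table 100 has a 192.168.1.0/24 route. Table 100 entries come from the posted configs; the `main` table contents (VPN default via `tun0`) and the peer address are assumptions.

```python
import ipaddress

def table(*routes):
    """Build a routing table from (target, interface, gateway) tuples."""
    return [(ipaddress.ip_network(t), dev, gw) for t, dev, gw in routes]

def table_100(lan_target=None):
    """Table 100 as posted in the thread, optionally with the extra lan route."""
    routes = [("0.0.0.0/0", "wwan", "192.168.0.1")]
    if lan_target:
        routes.append((lan_target, "lan", None))
    return table(*routes)

# Assumed main table: default route through the VPN (tun0 is a placeholder
# name) plus the connected LAN subnet.
MAIN = table(("0.0.0.0/0", "tun0", None), ("192.168.1.0/24", "lan", None))

# (priority, uidrange or None, table): the thread's rule, then the kernel's
# default rule for the main table.
RULES = [(1, (224, 224), "100"), (32766, None, "main")]

def lookup(dst, uid, t100):
    """Return (table, interface, gateway) chosen for a locally generated packet."""
    tables = {"100": t100, "main": MAIN}
    addr = ipaddress.ip_address(dst)
    for _prio, uidrange, name in sorted(RULES, key=lambda r: r[0]):
        if uidrange and not uidrange[0] <= uid <= uidrange[1]:
            continue  # rule selector does not match this socket owner
        hits = [r for r in tables[name] if addr in r[0]]
        if hits:  # longest prefix wins inside the selected table
            net, dev, gw = max(hits, key=lambda r: r[0].prefixlen)
            return name, dev, gw
    return None

if __name__ == "__main__":
    client = "192.168.1.113"   # web UI client seen in the netstat output
    peer = "203.0.113.10"      # constructed torrent peer (documentation range)
    for label, t in [("default only", table_100()),
                     ("lan /32", table_100("192.168.1.0/32")),
                     ("lan /24", table_100("192.168.1.0/24"))]:
        print(label, "webui reply ->", lookup(client, 224, t),
              "| peer ->", lookup(peer, 224, t))
    print("uid 0 peer ->", lookup(peer, 0, table_100("192.168.1.0/24")))
```

On the router itself, `ip rule show` and `ip route show table 100` list the real rules and table contents to compare against this model.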

