Outline for certain addresses

Hello everybody.

My task is to configure OpenWrt with the Outline client for specific IP/DNS addresses.
For example, I want a specified IP/DNS pool to be accessed through the Outline tunnel configured in OpenWrt, while other addresses should be accessed through the main gateway (for example, like AllowedIPs on WireGuard).

Please send instructions on how to do this using the tools available in OpenWrt.

Thank you!

Not exactly WG, but similar in general …. outline.

Thanks.

In order to avoid burdening anyone with additional information, can you tell me which tools from your instructions I can use to create routing rules?

Do you need to know how to locate the routing menu in the web GUI?

Including...

I already installed Outline and the tunnel worked, but for all traffic, as the forwarding port was configured, which is why the PBR rules did not work. I am not very familiar with routing settings and may be mistaken.

Do you suggest using the dnsmasq resolver nft set in PBR?

I used these instructions: https://sourceforge.net/projects/outline-install-wrt/

No clue what you're asking, feel free to clarify. Anyways, the routing menu can be found under:

Network > Routing > Static IPv4 Routes

The rules are found under the IPv4 Rules tab.

Okay, thx, I'm trying it.

For DNS traffic I need to use PBR, and for IP addresses Routing, yeah?

For Split DNS traffic you can either use a REDIRECT firewall rule or use DNSMasq tagging per client

For PBR routing you can use netifd like other posters already outlined (no pun intended)

Not meant for your specific situation, but maybe my notes can shed some light on how to do manual routing with netifd:

Have a look at the paragraphs about Creating routing tables via the VPN and Creating IP rules

Just to be clear, if you use the PBR app, you don't need to access the pages I mentioned. You'd configure via PBR.

I think outline uses kmod-tun so might work with the PBR app but I never used outline. If so a viable alternative for manual setup :)

I started from the beginning and installed SS according to the instructions at https://openwrt.org/docs/guide-user/services/proxy/shadowsocks

It turned out the opposite. By default, the route goes to the Outline tunnel, and the addresses below are transmitted directly.

Please check my config and indicate where I went wrong.

config server 'sss0'
        option server 'XXX'
        option server_port '10838'
        option password 'XXX'
        option method 'chacha20-ietf-poly1305'

config ss_tunnel
        option disabled '0'
        option server 'sss0'
        option local_address '0.0.0.0'
        option local_port '8053'
        option tunnel_address '8.8.8.8:53'
        option mode 'tcp_and_udp'

config ss_redir 'ssr0'
        option disabled '0'
        option server 'sss0'
        option local_address '0.0.0.0'
        option local_port '1100'
        option mode 'tcp_and_udp'
        option reuse_port '1'

config ss_rules 'ss_rules'
        option redir_tcp 'ssr0'
        option redir_udp 'ssr0'
        option src_default 'checkdst'
        option dst_default 'forward'
        option local_default 'checkdst'
        list src_ips_bypass '212.102.35.236/24'
        list src_ips_checkdst '212.102.35.236/24'
        list dst_ips_bypass '212.102.35.236/24'
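
Added example, not part of the original post and not the poster's or the project's own config: an `ss_rules` section for the split asked about in this thread, assuming the shadowsocks-libev UCI options from the OpenWrt guide linked above and that 212.102.35.236/24 is the pool meant for the tunnel. With `dst_default 'forward'` every destination that is not listed goes to ss-redir, which matches the inverted behaviour reported; here the default is `bypass` and the pool moves to `dst_ips_forward`.

```uci
# /etc/config/shadowsocks-libev
# Only ss_rules changes; the server, ss_tunnel and ss_redir sections stay as posted.
config ss_rules 'ss_rules'
        option redir_tcp 'ssr0'
        option redir_udp 'ssr0'
        # LAN clients: decide per destination address
        option src_default 'checkdst'
        # was 'forward': unlisted destinations now leave via the main gateway
        option dst_default 'bypass'
        # traffic originating on the router itself gets the same destination check
        option local_default 'checkdst'
        # only this pool is redirected to ss-redir (assumed: the pool from the post)
        list dst_ips_forward '212.102.35.236/24'
        # src_ips_* lists match LAN client source addresses,
        # so the destination pool is not repeated there
```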

My last post made sense as an alternative implementation of my idea.

I went on to implement dnsmasq.

I have only 1 internet adapter (br-lan eth0). I thought that I could create a second adapter or alias for eth0 and send all traffic through the tunnel on an SS rule.
However, this did not work. The alias could not be assigned as an interface for SS, and the second adapter (eth1) did not connect to the internet when assigned in ss_redir and ss_tunnel.

Therefore, I have a question: what should I do to create DNS routing?

  1. Should I create another adapter (eth1)? If so, in what mode should it be configured?
  2. Are there any other settings that I need to make?