PBR 1.1.6-20 does not work

I have been using without issues pbr-1.1.1-7 and its Luci counterpart for a while on OpenWRT <= 23.05.04. Very simple ruleset sending traffic from a distinct wifi network to a wireguard link.

However, I noticed there's a new version of pbr labeled 1.1.6-20, and this version is unable to start up, as it has trouble recognizing the WG links. This problem persisted on both OpenWRT 23.05.04 and 23.05.05.

I have some older custom builds (23.05.04 built in July) with embedded pbr 1.1.1-7, so I've been able to move back and forth between versions, and I can confirm that my config works fine with the older pbr package.

I'm wondering if someone else is experiencing these issues:

Here's my config snippet for pbr

config pbr 'config'
	option enabled '1'
	option verbosity '2'
	option strict_enforcement '1'
	option resolver_set 'none'
	option ipv6_enabled '0'
	option boot_timeout '30'
	option rule_create_option 'add'
	option procd_reload_delay '1'
	option webui_show_ignore_target '0'
	list webui_supported_protocol 'all'
	list webui_supported_protocol 'tcp'
	list webui_supported_protocol 'udp'
	list webui_supported_protocol 'tcp udp'
	list webui_supported_protocol 'icmp'

config policy
	option name 'pbr-wg0'
	option src_addr '@br-lan.113'
	option dest_addr '!10.0.0.0/8 !169.254.0.0/16 !172.16.0.0/12 !192.168.0.0/16 !224.0.0.0/3'
	option interface 'wg0'

config policy
	option name 'pbr-wg1'
	option src_addr '@br-lan.114'
	option dest_addr '!10.0.0.0/8 !169.254.0.0/16 !172.16.0.0/12 !192.168.0.0/16 !224.0.0.0/3'
	option interface 'wg1'

config policy
	option name 'pbr-wg3'
	option src_addr '@br-lan.115'
	option dest_addr '!10.0.0.0/8 !169.254.0.0/16 !172.16.0.0/12 !192.168.0.0/16 !224.0.0.0/3'
	option interface 'wg3'

I came to the forum just now specifically to see if anyone else was having this issue.

I experienced the same on a Netgear r7800 I tried upgrading earlier today from 23.05.03 to 23.05.05. The version in 23.05.03 (1.1.1-7) starts and runs normally. The version in 23.05.05 (1.1.6-20) will not start.

I do not have any WG links, I use OpenVPN for the 'other' WAN.

Unfortunately, I don't have anything useful to contribute yet aside from a +1.

Thanks for the +1.

I can add that I'm running OpenWRT on Google WiFi. I really don't think the device is relevant, as the PBR packages are labeled as "-all", meaning they are the same for all platforms [quite possibly it is just a bunch of scripts].

Also, my wireguard links are fully operational in both 23.05.04 and 23.05.05, as well as other services dependent on them.

We are already on 1.1.7-15.
So I suggest you upgrade and test again.

I had some problems with 1.1.6-20 starting also. In my case the problem was in function is_lan in /etc/init.d/pbr:

is_lan() { local d; network_get_device d "$1"; str_contains "$d" 'br-lan'; }

I have a VLAN on br-lan that actually is wan so this function doesn't work for me. To fix my problem I changed "br-lan" in is_lan function to "br-lan.xyz" where "br-lan.xyz" is the actual lan VLAN device.

I don't know if this helps in your case, but thought I'd mention it.

(is_lan function hasn't changed to 1.1.7-15)
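
An added example, not part of the original posts and not pbr's own code: the substring test in the quoted is_lan, run against a layout like the one described above where the WAN is a VLAN on br-lan, next to an exact-match check. The interface map, LAN_DEVICES, is_lan_listed and report are hypothetical, and network_get_device and str_contains are stubbed so it runs off-router.

```shell
#!/bin/sh
# Stand-ins for the helpers the quoted is_lan calls, so this runs off-router.
# The interface-to-device map is constructed sample data.
network_get_device() {            # usage: network_get_device <var> <iface>
    case "$2" in
        lan)   eval "$1=br-lan.10" ;;    # the real LAN VLAN
        guest) eval "$1=br-lan.113" ;;
        wan)   eval "$1=br-lan.2" ;;     # WAN carried as a VLAN on br-lan
        wg0)   eval "$1=wg0" ;;
        *)     eval "$1=''"; return 1 ;;
    esac
}
str_contains() { [ "${1#*"$2"}" != "$1" ]; }   # true if $2 occurs in $1

# Same logic as the is_lan quoted above: any device containing 'br-lan' is LAN.
is_lan_substring() {
    network_get_device _d "$1"
    str_contains "$_d" 'br-lan'
}

# Hypothetical alternative: exact match against an explicit device list.
LAN_DEVICES='br-lan.10 br-lan.113'
is_lan_listed() {
    network_get_device _d "$1" || return 1
    for _dev in $LAN_DEVICES; do
        [ "$_d" = "$_dev" ] && return 0
    done
    return 1
}

# One line per interface showing how each check classifies it.
report() {
    network_get_device _rd "$1"
    if is_lan_substring "$1"; then _a=lan; else _a=not-lan; fi
    if is_lan_listed "$1"; then _b=lan; else _b=not-lan; fi
    echo "$1 dev=$_rd substring=$_a listed=$_b"
}

for _i in lan guest wan wg0; do
    report "$_i"
done
```

The wan line is the one to look at: the substring check reports it as LAN because its device name contains br-lan, while the exact-match list does not.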

From the readme:

  • The WAN interface name is no longer auto-detected. If you use a non-standard name for WAN interface, you can set it in options.
  • If you use a non-standard name for LAN interface you can set it in options.

Br-lan is hardcoded here..

The new 1.1.7-15 version hasn't been propagated to the packages repository: https://downloads.openwrt.org/releases/23.05.5/packages/

It is still at 1.1.6-20.

Thank you for posting this. Would it have helped if in addition to procd_wan_interface there would be a list (procd_lan_interface) where you could define your LAN interfaces for the is_lan() function?

Sounds like that would work for me. But I'll let you decide if it makes sense to have this configuration option or if my setup is just "weird".

Thanks for your work on pbr!

It is already in the readme: https://docs.openwrt.melmac.net/pbr/#procd_lan_interface :slight_smile:

Should the interfaces listed in this option be the Linux interface names (e.g. eth1, eth2), or the logical OpenWrt interface names (e.g. lan, guest)?

I thought it would probably be the Linux interface name, but I looked through the code and the related procd_wan_interface option seems to default to wan in the code, which is the logical OpenWrt interface name (in my setup the WAN Linux interface is eth0). My WAN interface appears to be detected correctly without setting procd_wan_interface.

EDIT: Also, the procd_lan_interface option now seems to have been removed, although it's still described in the doc? Does this mean the option is no longer needed with 1.1.7?

Didn't realize that particular behavior changed. I had a little free time today to troubleshoot and re-read the readme. 1.1.6-20 started just fine once I defined the wan interface in the options. Lesson learned.

Thanks @egc

There are multiple docs corresponding to different versions, they have different descriptions of this option.

The doc I was looking at was:

This lists the procd_lan_interface option, but it also says the doc is for v1.1.7-17, and the option doesn't seem to exist in that release.

I have "unusual" LAN interfaces, so I'm just trying to decide whether I need to worry about making sure I specify this option correctly (hence my questions about what type of interface names this option expects), or whether I can just ignore it completely and upgrade to the latest 1.1.7 release instead.

Do you have 1.1.7-17 installed? Do you have procd_lan_interface defined in config? Does it not work as intended?

I have 1.1.6-20 installed currently. I honestly don't know if the option works as intended, because it's not clear to me exactly what pbr uses it for (something to do with the nft reload killswitch?).

I'm currently using the appropriate Linux interface names (eth1, eth2 etc) in this option. Is that what I should be doing?

I wouldn't expect the option to do anything in 1.1.7-17, because it seems to have been removed in 1.1.7-5?:

But I'm not sure if I'm missing something here, because it's still described in the 1.1.7-17 doc.

Since this thread has gone cold, it seems that there are some fixes down the pipeline for people to catch up. While these changes propagate, it would be super useful if you rolled PBR and its associated packages back to 1.1.1-7, so people can build working systems using the latest 23.05.05.

You can easily update to the latest pbr see: