Private Internet Access (pia) wireguard VPN on OpenWrt

Hi there.
how can I exclude specific devices from WG VPN?
In my network, as probably in many networks, some devices need to be excluded. In my OpenVPN setup, I use (extensively) 'VPN Bypas' to exclude IPs or even websites that have to be bypassed:

  • Local IP Addresses to Bypass
  • Remote IP Addresses to Bypass
  • Domains to Bypass

Howe can I do that with those scripts? posted here?

The pbr is a successor to vpnbypass package.

and that would work with WG script as well?
Do you know if it has a GUI ? (sorry, I have not looked at it yet.)

I got the answer:
In this article a similar question is asked about the luci-app-pbr.
Where is pbr and the luci package?
And if it would be take in consideration using Attended Sysupgrade.
That question was from October 2022.
To date, we dont have it in the official app.
So I can safely say that there is no Luci-app-pbr officially in the software DB.
Am I correct?

Or If so, is there an update I missed?
---> update:
I did a deeper search in the forum and found this:

Policy-Based-Routing (pbr) package discussion that dates 1 day ago the last post.
From what I understand there is yet not an official release of the Luci-app.

UPDATE again
during the configuration of my 'new' router with openwrt 23.05.2, I noticed that the package IS there.
So I think the package is only available to the specific updated versions.
Apologies for my confusion in the post.
I decided to keep the text and not delete it for those that might are in my similar situation and looking for the package that is not available unless the openwrt is updated.
My older router cannot be updated.

do I need to install; luci-app-commands for shell execution ?

No not necessary
Any SSH program will do, most OS's have this built in.
I use Putty for Windows

I dont use windows but thats not a a problem. I can ssh of course. I did try but looks like I cant run shell just as is!
I read somewhere that I have to install some shell in Openwrt to run shell script.
Or are there other ways to run shell scripts?

What exactly do you want to do?

I run scripts from SSH command line, but also startup scripts, cron jobs, hotplug action scripts, OpenVPN scripts all without a Luci-app


traying to run the stangri script (
or the PIA script:
but did not work out.

It is not a proper script, there is no shebang and it is a function, you have to call the function from somewhere.

So it is probably not meant to run standalone.

You can do it (do not know what happens) but then add a shebang, make executable and add as last line: pia_update to call the function

Edit: but it has nothing to do with the shell

1 Like

Thanks, updated the gist with the call to pia_update on the last line.

PS. I add the function to the /etc/profile and it has to be called periodically, as when PIA reboots their WG servers, they forget all the peers which were created so the WG tunnels stop working.