I've just put OpenVPN onto a BT HOMEHUB 5A router.
What I want to do is quite like https://lede-project.org/docs/howto/openvpn.client, which AFAICT sends ALL the LAN traffic via the OpenVPN tunnel.
For some of the devices on the LAN, I don't want this to happen, I want their traffic to be NATed out via the normal wan port. I'd prefer to do this based on their MAC address, but can give them static IPs if that's easier.
If possible, I'd also like some sort of "kill switch" so that if the VPN tunnel drops, then traffic that should have gone via the tunnel will be blocked immediately.
I'm never messed with the firewall/routing stuff in LEDE before, so be kind please ...
Thanks lots
Dave