This was very helpful for me. Thanks!
Since I had ip-full installed, I had to uninstall it which gave it heartburn and failed the first time (but it uninstalled vpn-policy-routing). But after the second uninstall, I was able to reinstall vpn-policy-routing and ip-full and things began working again.
vpn-policy-routing is safe to update from the official repo. If you're installing from my repo, I've been known to accidentally push non-ready/test binaries there, so unless you know how to grab an older ipk from github should things break, you may want to stay away.
simple-adblock is strongly advisable to update as it now has config-update functionality to update the outdated URLs for block-lists.
@buckaroo@gadgetguy08 -- I believe it's safe to remove ls table main for OpenWrt, so I've pushed vpn-policy-routing 0.2.1-27 to my repo, please test it on your systems.
I may have to go back to using ip-full at some point tho.
UPDATE: nevermind the above, removed dependency on busybox'es ip implementation and added ip-full to dependencies in 0.2.1-27.
I was able to uninstall all the packages and reinstall them like the previous poster to fix the issue before you pushed the update. So I can't verify if the update would have fixed it. It doesn't break anything though, and things continue to work.
Edit: I just saw that the update on the main feed was only for luci-app-vpn-policy-routing. vpn-policy-routing is still 0.2.1-13.
Hi, I'm new to OpenWrt and homenetworking in general am trying to route a few domains over a mullvad wireguard vpn.
The vpn interface is running fine. When I route all traffic over it, everything runs as expected. However when I try to route specific domains, I am having trouble.
To test, I'm trying to just route traffic to "whatismyipaddress.com" and "mullvad.net" through the vpn. "whatismyipaddress" shows the traffic is routed through the vpn, but "mullvad.net/en/check/" does not show it being routed correctly.
etc/config/vpn-policy-routing below:
config vpn-policy-routing 'config'
option verbosity '2'
option strict_enforcement '1'
option src_ipset '0'
option dest_ipset 'dnsmasq.ipset'
option ipv6_enabled '0'
list supported_interface ''
list ignored_interface 'vpnserver wgserver'
option boot_timeout '30'
option iptables_rule_option 'append'
option iprule_enabled '0'
option webui_enable_column '0'
option webui_protocol_column '0'
option webui_chain_column '0'
option webui_sorting '1'
list webui_supported_protocol 'tcp'
list webui_supported_protocol 'udp'
list webui_supported_protocol 'tcp udp'
list webui_supported_protocol 'icmp'
list webui_supported_protocol 'all'
option enabled '1'
config include
option path '/etc/vpn-policy-routing.netflix.user'
option enabled '0'
config include
option path '/etc/vpn-policy-routing.aws.user'
option enabled '0'
config policy
option name 'Mullvad'
option src_addr '0.0.0.0/0'
option interface 'WGINTERFACE'
option dest_addr 'mullvad.net whatismyipaddress.com'
Alright I made the change and rebooted, but unfortunately have the same result. Do you have any other suggestions? Let me know if you need any additional information. Thanks
Updated /etc/config/vpn-policy-routing below:
config vpn-policy-routing 'config'
option verbosity '2'
option strict_enforcement '1'
option src_ipset '0'
option dest_ipset 'dnsmasq.ipset'
option ipv6_enabled '0'
list supported_interface ''
list ignored_interface 'vpnserver wgserver'
option boot_timeout '30'
option iptables_rule_option 'append'
option iprule_enabled '0'
option webui_enable_column '0'
option webui_protocol_column '0'
option webui_chain_column '0'
option webui_sorting '1'
list webui_supported_protocol 'tcp'
list webui_supported_protocol 'udp'
list webui_supported_protocol 'tcp udp'
list webui_supported_protocol 'icmp'
list webui_supported_protocol 'all'
option enabled '1'
config policy
option dest_addr 'mullvad.net whatismyipaddress.com'
option interface 'WGINTERFACE'
option name 'Mullvad'
So i just recently started using openwrt and have very little linux experience, i went from asuswrt merlin with x3mrouting for netflix/amazon policy based routing.
I set that up many months ago so i cant remember how.
Im now trying to setup netflix/amazon to go through wan, but im clearly missing something basic when it comes to using the vpn-policy-routing.aws.user and vpn-policy-routing.netflix.user
Im not sure they are even used, even though i enabled them, it might be some basic routing/firewall configurations that im missing, cause i set this up last week and mightve missed something.
etc/config/vpn-policy-routing
config include
option path '/etc/vpn-policy-routing.aws.user'
config include
option path '/etc/vpn-policy-routing.netflix.user'
config vpn-policy-routing 'config'
option verbosity '2'
option src_ipset '0'
option ipv6_enabled '0'
option boot_timeout '30'
option iptables_rule_option 'append'
option iprule_enabled '0'
option webui_sorting '1'
list webui_supported_protocol 'tcp'
list webui_supported_protocol 'udp'
list webui_supported_protocol 'tcp udp'
list webui_supported_protocol 'icmp'
list webui_supported_protocol 'all'
option enabled '1'
option webui_enable_column '1'
option webui_protocol_column '1'
option dest_ipset 'dnsmasq.ipset'
option strict_enforcement '1'
option webui_chain_column '0'
list supported_interface 'wg_1'
list supported_interface 'wg_2'
list supported_interface 'wan'
/etc/init.d/vpn-policy-routing reload
Creating table 'wan/eth0/xxx.xxx.xxx.xxx' [✓]
Creating table 'wg_1/xxx.xxx.xxx.xxx' [✓]
Creating table 'wg_2/xxx.xxx.xxx.xxx' [✓]
Routing 'pc1' via wg_1 [✓]
Routing 'pc2' via wan [✓]
Routing 'pc3' via wan [✓]
Running /etc/vpn-policy-routing.aws.user [✓]
Running /etc/vpn-policy-routing.netflix.user [✓]
This works
Routing 'pc1' via wg_1 [✓]
Routing 'pc2' via wan [✓]
Routing 'pc3' via wan [✓]
But it doesnt seem like the vpn-policy-routing.aws.user and vpn-policy-routing.netflix.user and actually used, how can i confirm?
Thank you
EDIT: Actually all the things ive tried when setting manual policy routing, like "Routing 'pc2' via wan [✓]" seems to work, i tried a few combinations
I have got the below errors before when I upgrade or restart VBR and wanted just to inform @stangri incase it is really an error. It does not seem to affect my VBR setup as far as I can tell.
My point was that your config was correct, however you are expecting the mullvad.net ip check to display your mullvad ip but this will not happen since the relevant domains for them are ipv4.am.i.mullvad.net, ipv6.am.i.mullvad.net and am.i.mullvad.net for ips and *.dnsleak.am.i.mullvad.net for dns.
On both Davidc502's last build r13342 and a Snapshot build from today r14365 I cannot get VPR to show enable in the "System - Startup" page of the GUI.
I tried on the Startup page to enable, on the VPR GUI page (enable/disable/start/stop) and via CLI with the "enable" command. None managed to get the VPR to show up as enabled in the GUI Startup page.
When I click "Disabled" it does go green to "Enabled" but if I go off the page and back it is back to "Disabled".
I have confirmed that VPR is up and running and all seems OK.