VPN Policy-Based Routing + Web UI -- Discussion

rawd · June 5, 2022, 2:19pm

Just reporting back hnyman included the required legacy libraries now in his latest 22.03 build and pbr is working fine without any modifications.

kinogeroj · June 5, 2022, 10:27pm

I'm understand that I need to provide more details, but I see nothing interesting in general log file of the router and I don't know how to collect VPN PBR specific logs.
I just can say that time to time I cannot open sites routed through VPN GW and then I'm restarting VPN PBR service and it helps for some period of time. Also, I can say that VPN tunnel is fine and there's no disconnection alerts.

stangri · June 6, 2022, 11:52pm

Do you happen to have a list of legacy libraries package names so I could include them as dependencies in the makefile?

stangri · June 6, 2022, 11:53pm

You could start by providing information mentioned in the troubleshooting section of the README.

rawd · June 7, 2022, 11:57am

Is there a way to get this for you out of my config? I don't have a list sorry.

ster1um · June 15, 2022, 10:02pm

Hi,
this warning it's normal?

Warning: iptables-legacy tables present, use iptables-legacy to see them

Nick01 · July 1, 2022, 9:50am

I am getting an error when the daemon is creating tables for any gateway on vpn-policy-routing - 0.3.4-8 building from master today. But the service appears to be running.

Error: failed to set up any gateway!

EDIT: disabling IPv6 support has cleared the error. This hasnt happened before though

jaw_eleazer · July 1, 2022, 12:04pm

hey guys, I have just switched to pbr from VPN Policy-Based routing.

can anyone tell me how do I create a custom user files like the ones pbr.user.aws and pbr.user netflix

I have list of ip addresses (for example valve/steam) in a file how do I make a custom user file with it (so that my steam traffic goes directly without wireguard)

Nick01 · July 1, 2022, 1:04pm

You dont need a script for that. Just add the IP addresses in CIDR format with a space to the remote address section and select WAN with pre routing.

jaw_eleazer · July 1, 2022, 2:04pm

i get this error

and this is the list of valve ip addresses

103.10.124.0/24	
103.10.125.0/24	
103.28.54.0/24	
146.66.152.0/24	
146.66.155.0/24	
153.254.86.0/24	
155.133.224.0/23	
155.133.226.0/24	
155.133.227.0/24	
155.133.230.0/24	
155.133.232.0/24	
155.133.233.0/24	
155.133.234.0/24	
155.133.236.0/23	
155.133.238.0/24	
155.133.239.0/24	
155.133.240.0/23	
155.133.245.0/24	
155.133.246.0/24	
155.133.248.0/24	
155.133.249.0/24	
155.133.250.0/24	
155.133.251.0/24	
155.133.252.0/24	
155.133.253.0/24	
155.133.254.0/24	
155.133.255.0/24	
162.254.192.0/24	
162.254.193.0/24	
162.254.194.0/23	
162.254.195.0/24	
162.254.196.0/24	
162.254.197.0/24	
162.254.198.0/24	
162.254.199.0/24	
185.25.182.0/24	
185.25.183.0/24	
190.217.33.0/24	
192.69.96.0/22	
205.185.194.0/24
205.196.6.0/24	
208.64.200.0/24	
208.64.201.0/24	
208.64.202.0/24	
208.64.203.0/24	
208.78.164.0/22

what am i doing wrong?

Nick01 · July 1, 2022, 3:44pm

Are they separated by a space?

gadgetguy08 · July 1, 2022, 4:13pm

I see that message when I put in a /20 but it lets me save it anyway.

jaw_eleazer · July 1, 2022, 4:47pm

yes, I just saved it anyways

the steam still goes through wireguard though.

this is where i get the list https://bgp.he.net/AS32590#_prefixes

i had custom file with these ip addresses in vpn policy-based routing, and it worked with this list.

but i'm not sure how to make a custom file now in bpr and adding remote addresses into "policies" seems not to work for me

Nick01 · July 1, 2022, 7:13pm

One other option is to look at the example files that are in the default script config if your looking at ASN you should be able to modify it for the steam/value ASN. It’s likely those IP ranges don’t cover all aspects of the service.

Nick01 · July 1, 2022, 7:23pm

Or better still if you had a working script file why can’t you redeploy?

jaw_eleazer · July 1, 2022, 8:52pm

I tried that and it didn't work as well. I have copied pbr.user.netflix and created pbr.user.valve

this populated valve list of ip addressed correctly in the /tmp/pbr_tmp_AS32590

but the steam still only connects through wireguard

as to why I don't create my own script, I don't remember where to put the list of ip addresses in which folder, I think folders changed in pbr ascompared to vpn policy-based routing

Nick01 · July 1, 2022, 9:59pm

Check the URL that the lookup i.e. database is that resolving your ASN in the script mods

jaw_eleazer · July 1, 2022, 10:21pm

it does resove valve servers ip addresses, since it created a file in /tmp/pbr_tmp_AS32590 and i checked it and it is populated with valve ip addresses

Nick01 · July 1, 2022, 10:56pm

For testing purposes can you roll back to vpn policy routing for sanity? Just to confirm the behaviour your seeing isn’t related to a change of software.

jaw_eleazer · July 2, 2022, 7:00pm

looks like changing AS number in netflix file to valve number worked after all and steam now connects directly, but i had to do a router reboot, restarting service in pbr didn't work.

how do i create my own custom ip list tho? and use it with another user file (for example if i have a list of ip addresses without AS number)

adding remote address to policies now work as well it seems. odd