What's new

JFFS Scripts not loading?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

BenC

Occasional Visitor
Hi. For years I've successfully had a nat-start script running in my /jffs/scripts folder. The simple script ran all my port 80/443/8443 traffic through my openVPN connection, and left the rest (ie, gaming) untouched.

Recently, despite no updates/changes, it seems this script is no longer loading/working, even when called manually. All traffic is run through the vpn. IP192.168.0.210 is exempted from these rules.

Code:
#!/bin/sh

sleep 2

ip rule del fwmark 0x1000
ip rule add fwmark 0x1000 table 111 prio 9991
ip route flush cache


iptables -t mangle -D PREROUTING -i br0 ! -s $(nvram get lan_ipaddr) -p tcp -m multiport --dport 80,443,8443 -j MARK --set-mark 0x1000/0x1000
iptables -t mangle -A PREROUTING -i br0 ! -s $(nvram get lan_ipaddr) -p tcp -m multiport --dport 80,443,8443 -j MARK --set-mark 0x1000/0x1000

iptables -t mangle -D PREROUTING -i br0 -m iprange --src-range 192.168.0.210 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.0.210 -j MARK --set-mark 1

exit 1

Running on an RT-AC-86U, merlin firmware 386.x.

Any ideas? Thanks.
 
Good start to see the rules, but where they applied? IOW, did you dump the firewall and verify they are there? Also, what's in table 111? Is that correct as well? Is the rule there too? There's just not enough here to see the full picture.

Code:
iptables -t mangle -vnL PREROUTING
ip route show table 111
ip rule show
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top