page_fault
Occasional Visitor
Hi,
I seem to be having a problem using the OpenVPN server and client at the same time. The server works great but right up until I turn on the client, the server stops accepting connections. I suspect it's listening on the VPN IP rather than the WAN IP but I'm not sure. I have a script to redirect only certain IPs to the VPN client and everything else to WAN but it doesn't work. Attached is my script. Any help would be appreciated.
I seem to be having a problem using the OpenVPN server and client at the same time. The server works great but right up until I turn on the client, the server stops accepting connections. I suspect it's listening on the VPN IP rather than the WAN IP but I'm not sure. I have a script to redirect only certain IPs to the VPN client and everything else to WAN but it doesn't work. Attached is my script. Any help would be appreciated.
Code:
#!/bin/sh
sleep 2
touch /tmp/000wanstarted
for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
echo 0 > $i
done
#US VPN
#
# Delete and table 100 and flush any existing rules if they exist.
#
ip route flush table 100
ip route del default table 100
ip rule del fwmark 1 table 100
ip route flush cache
iptables -t mangle -F PREROUTING
#
# Copy all non-default and non-VPN related routes from the main table into table 100.
# Then configure table 100 to route all traffic out the WAN gateway and assign it mark "1"
#
# NOTE: Here I assume the OpenVPN tunnel is named "tun11".
#
#
ip route show table main | grep -Ev ^default | grep -Ev tun11 \
| while read ROUTE ; do
ip route add table 100 $ROUTE
done
ip route add default table 100 via $(nvram get wan0_gateway)
ip rule add fwmark 1 table 100
ip route flush cache
#
# Define the routing policies for the traffic. The rules will be applied in the order that they
# are listed. In the end, packets with MARK set to "0" will pass through the VPN. If MARK is set
# to "1" it will bypass the VPN.
#
# All LAN traffic will bypass the VPN (Useful to put this rule first, so all traffic bypasses the VPN and you can # configure exceptions afterwards)
iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 1
# All traffic from Roku Wireless will use the VPN
iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.15 -j MARK --set-mark 0
iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.25 -j MARK --set-mark 0