Recent content by Charles Wilkinson

Ah, that makes sense. Apologies, I couldn't follow the whole flow of your approach from reading the code for only an hour or so, so wasn't sure how you were handling the IPs once collected. I considered doing something similar, but since my approach creates VPN Director rules, I have a hard...

Hey @Ranger802004 I've built something very similar myself and found a limitation that I think your excellent script also suffers from and so I thought I would share. Basically, it stems from the limitation of using nslookup to get a list of IPs from a domain name. Some big sites (like...

For anyone else who is using my script, I have recently published some major updates to it and have moved it to github to make it easier for people to see if it has changed. It's been significantly improved and several bugs have been squashed. I also recommend reading the Limitation section in...

Hey there @machinist, sorry for not replying sooner - I didn't spot this question until now. Possibly, but I'm not sure how Merlin's code would handle two conflicting/overlapping rules. The UI says: But I'm not sure how to interpret them in your specific example. However, it may be moot...

Hmm. The script only restarts the VPN routing if it detects a change. Perhaps on reboot we need to force it to. Try adding service restart_vpnrouting0 to the firewall-start script after /jffs/scripts/vpn_director_host_rules.sh and see if that works.

I may do that :-) I was actually thinking of turning this into a proper addon with a GUI if I can find the time to learn how. Merlin's docs look pretty good, so I may give it a go.

Sorry - I made a silly copy/paste error when updating my blog. Go fetch the script again and it should work. I've replaced the list of hosts at the top with a list of 'rules'. A 'rule' is a hostname and an interface separated by '|' e.g. netflix.com|OVPN1 At the moment, you can't restrict to a...

I actually created a script to do exactly what you are asking for. You can find it here: https://charleswilkinson.co.uk/2021/11/21/asus-merlin-route-via-vpn-for-specific-destination-hosts/ Let me know if it works for you :-)

Ok, so NOW it’s working. Was fighting a weird bug where the manually created rules were being deleted only when the job ran in cron, not when run manually. Turned out to be a different PATH invoking different versions of grep. I thought I was going mad.

Ok, so I think I have fixed it. I have done limited testing, so let me know if it works ok for you :-) All generated rules get the prefix 'AUTO-DNS-' so the script can separate them from manually created rules.

Yes, sorry - I should have been clear that it would replace any manually created rules. Maybe this weekend I will try to make it preserve them.

Hey Bambino, I found this thread when doing my own research and so thought I would come back and share the solution I have whipped up. It's not perfect, but I think it does just what you want. It lets you route traffic to certain domains over the VPN exclusively. I run the same hardware as you...

Hey guys, I spent a load of time playing with this building on the ideas above and have created a script for managing VPN Director rules that has the following benefits: It lets you specify destination hosts that you want to route over the VPN (for all local devices). Want to send all traffic...

Hey guys, I spent a load of time playing with this building on the ideas above and have created a script for managing VPN Director rules that has the following benefits: It lets you specify destination hosts that you want to route over the VPN (for all local devices). Want to send all traffic...

That is actually pretty cunning. I might just get the managed switch though - I think it will be a neater solution. Just annoyed that I bought an unmanaged one only a few days ago. Threw the packaging away :( It's a shame it doesn't seem to be possible to do MAC address-based VLAN tagging on...