What's new

Domain-based VPN Routing Script

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

output send,
AC68U 386.5_2
AC86U 387.Beta1 <- haven't try this yet. chance are the problem before was that Permission denied
 
output send,
AC68U 386.5_2
AC86U 387.Beta1 <- haven't try this yet. chance are the problem before was that Permission denied
Try removing the spaces in openvpn-event and see if that gets you going, that is a really weird error though.
 
So I don't understand is this like X3MRouting ? meaning can I bypass certain domains past the VPN to wan with the script.
You create policies, assign a vpn interface to that policy and then add domains to the policie(s) and it will create the routes for that domain to go over that VPN interface.

EDIT: This also supports IPv6 if you have IPv6 implemented with your OpenVPN connections like I do.
 
Last edited:
You create policies, assign a vpn interface to that policy and then add domains to the policie(s) and it will create the routes for that domain to go over that VPN interface.

EDIT: This also supports IPv6 if you have IPv6 implemented with your OpenVPN connections like I do.
OK but does it do the reverse meaning can I route netflix to wan?
 
OK but does it do the reverse meaning can I route netflix to wan?
Negative, are you routing all traffic across VPN and want to make exceptions?
 
NO currently i'm using X3mrouting to bypass the vpn for certain clients using the asnum method. I was just wondering if this is a new alternative. I'm guessing this isn't that.

No that is not what this tool does, just routes specific domains over a VPN “Policy based domain routing”. For me and like many, we just want specific domains routed over a VPN tunnel. Doing an entire ASN wouldn’t work for my situation, I just want a streaming service routed but not all traffic from the same ASN.
 
v1.1 Update has been published. Run the update command switch to automatically upgrade your script.
Code:
/jffs/scripts/domain_vpn_routing.sh update

Release Notes:
v1.1 - 06/26/2022
- Added logic during install to create openvpn-event if it doesn't exist.
- Added warning message when executing querypolicy if it is already currently running.
- Support for ASUS Merlin 386.7
 
You still should be able to make an entry in the dnsmasq.conf add on file that will override DNS queries to the specified DNS Server you want per domain.

EDIT: If you have to, you can designate the IP of a DNS Server to go over your VPN using VPN Director or OVPN config and then specify that DNS Server in dnsmasq.conf for that particular domain.
I'm running pihole on a Raspi , when i try to route it through a vpn , it is no longer accessible over lan and the whole network goes down .

What am i supposed to do after routing the dns server in my case "pihole" through vpn using VPN director

forgot to mention , im running unbound too on the same Raspi
 
Last edited:
I'm running pihole on a Raspi , when i try to route it through a vpn , it is no longer accessible over lan and the whole network goes down .

What am i supposed to do after routing the dns server in my case "pihole" through vpn using VPN director

forgot to mention , im running unbound too on the same Raspi
Your whole network goes down? That is strange, from routing the DNS Server through the VPN? Are all of your LAN clients using that DNS Server?
 
Your whole network goes down? That is strange, from routing the DNS Server through the VPN? Are all of your LAN clients using that DNS Server?
yes, dns is configured in lan dhcp
 
yes, dns is configured in lan dhcp
Can you look and see where and how the route is added? look under ovpnc(1-5) route tables and main table.
 
Can you look and see where and how the route is added? look under ovpnc(1-5) route tables and main table.
No Idea how to do that

what i could figure was

Code:
GT-AX11000-6A10 openvpn-routing: Routing  from 192.168.1.3 to any through ovpnc3
GT-AX11000-6A10 openvpn: Forcing 192.168.1.3 to use DNS server 103.86.96.100
 
No Idea how to do that

what i could figure was

Code:
GT-AX11000-6A10 openvpn-routing: Routing  from 192.168.1.3 to any through ovpnc3
GT-AX11000-6A10 openvpn: Forcing 192.168.1.3 to use DNS server 103.86.96.100

What is the IP of your PiHole Server?
What is the IP of the DNS Server you are trying to reroute?
What is the interface of the VPN you are trying to use?
 
What is the IP of your PiHole Server?
What is the IP of the DNS Server you are trying to reroute?
What is the interface of the VPN you are trying to use?
Pihole :192.168.1.3

IP of the DNS Server :103.86.96.100 (Nord DNS)
interface of the VPN: ovpnc3
 
Pihole :192.168.1.3

IP of the DNS Server :103.86.96.100 (Nord DNS)
interface of the VPN: ovpnc3
What is this set to?
Code:
nvram get vpn_client3_rgw
 
Ok try adding this IP Rule:
Code:
ip rule add from 192.168.1.3 to 103.86.96.100 table ovpnc3

If that works, add this to a startup script somewhere so it will add every time a service restart or reboot occurs.
Code:
if [ -z "$(ip rule list from 192.168.1.3 to 103.86.96.100 table ovpnc3)" ] >/dev/null;then
   ip rule add from 192.168.1.3 to 103.86.96.100 table ovpnc3
fi
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top