deefour
I'm following this guide: https://github.com/RMerl/asuswrt-merlin.ng/wiki/Policy-based-Port-routing-(manual-method)
I have a VPN configured and enabled.
VPN director is silent.
I have my NAS with an IP bound to the MAC address
and I want only traffic on ports 6881 - 8889 to pass through this VPN client; all other traffic should pass through my normal internet.
Here is my net-start script.
Code:
#!/bin/sh
sleep 10 # During the boot process nat-start may run multiple times so this is required
# Ensure duplicate rules are not created
for VPN_ID in 0 1 2 3 4 5
do
    ip rule del prio 999$VPN_ID 2>/dev/null
done
# Create the RPDB rules
ip rule add from 0/0 fwmark "0x8000/0x8000" table main prio 9990 # WAN fwmark
ip rule add from 0/0 fwmark "0x7000/0x7000" table ovpnc4 prio 9991 # VPN 4 fwmark
ip rule add from 0/0 fwmark "0x3000/0x3000" table ovpnc5 prio 9992 # VPN 5 fwmark
ip rule add from 0/0 fwmark "0x1000/0x1000" table ovpnc1 prio 9993 # VPN 1 fwmark
ip rule add from 0/0 fwmark "0x2000/0x2000" table ovpnc2 prio 9994 # VPN 2 fwmark
ip rule add from 0/0 fwmark "0x4000/0x4000" table ovpnc3 prio 9995 # VPN 3 fwmark
# Force specific NAS traffic over VPN
iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.50.87 -p tcp -m multiport --dport 6881:6889 -j MARK --set-mark 0x1000/0x1000
The problem: I'm lost between the above script not showing any useful change on reboot, and any changes I make to the VPN client around "Inbound Firewall" and "Redirect Internet traffic ..." resulting in my entire network going offline.
I'm looking for advice and/or a direction to research further.
I can't seem to get network traffic over the port range when I check for the VPN IP to show up on a site like this: http://checkmyip.torrentprivacy.com/
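
Added example (not part of the original post): a staged check of the three things the script above relies on, namely the fwmark rule in the RPDB, a usable route in the `ovpnc1` table, and packet hits on the mangle MARK rule. The function names, the sample text and the assumed output formats of `ip rule show`, `ip route show table` and `iptables -S -v` are assumptions of this example.

```shell
#!/bin/sh
# Added example: staged check of the pieces the nat-start script depends on.
# Functions take captured command output as text; SAMPLE_* values are constructed.

# $1 = `ip rule show` text, $2 = mark/mask, $3 = routing table name
has_rule() {
    printf '%s\n' "$1" | grep -Eq "fwmark $2 lookup $3( |\$)"
}

# $1 = `ip route show table <name>` text; true if a route covering internet
# destinations is present (assumed: "default" or OpenVPN's 0.0.0.0/1 half-route)
has_default() {
    printf '%s\n' "$1" | grep -Eq '^(default|0\.0\.0\.0/1) '
}

# $1 = `iptables -t mangle -S PREROUTING -v` text, $2 = mark/mask
# Prints the packet counter of the first rule setting that mark (empty if none).
mark_hits() {
    printf '%s\n' "$1" | awk -v m="$2" 'index($0, "mark " m) {
        for (i = 1; i < NF; i++) if ($i == "-c") { print $(i + 1); exit } }'
}

# Reports the first stage that fails: $1 rules, $2 routes, $3 mangle, $4 mark, $5 table
diagnose() {
    has_rule "$1" "$4" "$5" || { echo no-ip-rule; return 0; }
    has_default "$2" || { echo table-has-no-default-route; return 0; }
    hits=$(mark_hits "$3" "$4")
    [ -n "$hits" ] || { echo no-mark-rule; return 0; }
    [ "$hits" -gt 0 ] || { echo mark-rule-never-hit; return 0; }
    echo ok
}

SAMPLE_RULES='0: from all lookup local
9993: from all fwmark 0x1000/0x1000 lookup ovpnc1
32766: from all lookup main'
SAMPLE_ROUTES='192.168.50.0/24 dev br0 proto kernel scope link src 192.168.50.1'
SAMPLE_MANGLE='-P PREROUTING ACCEPT -c 0 0
-A PREROUTING -i br0 -p tcp -m iprange --src-range 192.168.50.87-192.168.50.87 -m multiport --dports 6881:6889 -c 0 0 -j MARK --set-xmark 0x1000/0x1000'

if [ "${1:-}" = live ]; then   # on the router: sh check.sh live
    diagnose "$(ip rule show)" "$(ip route show table ovpnc1)" \
        "$(iptables -t mangle -S PREROUTING -v)" 0x1000/0x1000 ovpnc1
else
    diagnose "$SAMPLE_RULES" "$SAMPLE_ROUTES" "$SAMPLE_MANGLE" 0x1000/0x1000 ovpnc1
fi
```

A `mark-rule-never-hit` result while the NAS is actively transferring means the rule's match criteria (source address, protocol, destination ports) do not fit the traffic being sent.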