#!/bin/sh
set -xo
#####################################################################################################
# This program is a demo on how to route certain traffic over the WAN.
# For demo purposes, I am using the websites whatismyipaddress.com, whatismyip.com and beta.speedtest.net
# STEP 1
# copy the following line to /jffs/configs/dnsmasq.conf.add
# ipset=/whatismyipaddress.com/WHATISMYIPADDRESS
# ipset=/whatismyip.com/WHATISMYIP
# ipset=/beta.speedtest.net/SPEEDTEST
#
# Then issue the command: service restart_dnsmasq
# Note1: ipset syntax differs between version 6 and 4.5
# Syntax for ipset v6
# ipset create WAN0 list:set
# ipset add WAN0 setlist (e.g. SPEEDTEST)
# for routers running ipset v4.5 (ipset -V)
# ipset -N WAN0 setlist (e.g. SPEEDTEST)
#
# Note 2: Mining domain IP Addresses
# For the best performance install entware package whob (e.g. opkg install whob) and use the following code example
# netsv4=`whob -h whois.radb.net -- '-i origin AS16625' | grep -Eo "([0-9.]+){4}/[0-9]+"`
# Othwerwise, use the curl command. My brief testing has shown this to yield better results:
# netsv4=`curl
http://ipinfo.io/AS16625 2>/dev/null | grep -E "a href.*AS16625\/" | sed 's/^.*\">//; s/<.*//; /^\s*$/d'`;for net in $netsv4;do echo $net;done;unset netsv4
#
# Note 3: In the event one needs to use IPv6 in the future, the syntax is: ipset -N WHATISMYIP-v6 hash:net family ipv6
#
ipset create WAN0 list:set
ipset create WHATISMYIPADDRESS hash:net family inet hashsize 1024 maxelem 65536
ipset create WHATISMYIP hash:net family inet hashsize 1024 maxelem 65536
ipset create SPEEDTEST hash:net family inet hashsize 1024 maxelem 65536
###################################################################
# use nslookup
www.website.com to find ip address. Then, go to
#
https://www.ultratools.com/ to lookup ASN
#######################################################################
#Pull all IPs listed for whatismyipaddress.com on radb.net
netsv4=`whob -h whois.radb.net -- '-i origin AS16625' | grep -Eo "([0-9.]+){4}/[0-9]+"`
for net in $netsv4
do
ipset add WHATISMYIPADDRESS $net
done
unset netsv4
#Pull all IPs listed for whatismyip.com on radb.net
netsv4=`whob -h whois.radb.net -- '-i origin AS13335' | grep -Eo "([0-9.]+){4}/[0-9]+"`
for net in $netsv4
do
ipset add WHATISMYIP $net
done
unset netsv4
#Pull all IPs listed for beta.speedtest.net
netsv4=`whob -h whois.radb.net -- '-i origin AS40027' | grep -Eo "([0-9.]+){4}/[0-9]+"`
for net in $netsv4
do
ipset add SPEEDTEST $net
done
unset netsv4
#########################################################################
# Add domains that you want to use WAN inteface to the WAN0 ipset list #
#########################################################################
ipset add WAN0 WHATISMYIPADDRESS
ipset add WAN0 WHATISMYIP
ipset add WAN0 SPEEDTEST
###########################################################
#Create table to contain items added automatically by wan #
###########################################################
ip rule del prio 9990
ip rule add from 0/0 fwmark 0x7000/0x7000 table main prio 9990
iptables -D PREROUTING -t mangle -m set --match-set WAN0 dst -j MARK --set-mark 0x7000/0x7000
iptables -A PREROUTING -t mangle -m set --match-set WAN0 dst -j MARK --set-mark 0x7000/0x7000
logger -t "($(basename $0))" $$ Ending IPSET_VPN_Routing.sh..." $0${*:+ $*}."