x3mRouting x3mRouting ~ Selective Routing for Asuswrt-Merlin Firmware (1-Nov-2020)

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

abracadabra11

Regular Contributor
Recently upgraded from 384.18 to 384.19 on my RT-AX3000.

Having an issue with the script update function for x3mRouting. Currently running x3m v2.0 and when I try to run option (5) Check for updates to existing x3mRouting installation, it does not update the install to 2.4 which shows as an available update in the amtm main menu.

Do I just need to run the install command to get to v2.4?
 

Sean Rhodes

Regular Contributor
Recently upgraded from 384.18 to 384.19 on my RT-AX3000.

Having an issue with the script update function for x3mRouting. Currently running x3m v2.0 and when I try to run option (5) Check for updates to existing x3mRouting installation, it does not update the install to 2.4 which shows as an available update in the amtm main menu.

Do I just need to run the install command to get to v2.4?
If installing via amtm, just select 6, then option 5 and it should automatically update. If you wish to update directly from the shell, then just enter
Code:
sh -c "$(curl -sL https://raw.githubusercontent.com/Xentrk/x3mRouting/master/Install_x3mRouting.sh)"
. v2.4 is the master branch and is always the latest version
 

abracadabra11

Regular Contributor
If installing via amtm, just select 6, then option 5 and it should automatically update.
It isn't updating automatically this way. Thought that was strange, so posted the original question. Manual update it is.
 

mister

Regular Contributor
Hallo Xentrk,
I updated to Beta2 for testing, but dnsmasq don´t seem to work.
My netflix entries are not populated.

DNSMASQ seems not to work

Any ideas ?

Hugo
 
Last edited:

L&LD

Part of the Furniture
@mister what firmware did you update from? What router? Did you do a full reset after flashing the firmware you wanted and then did a minimal and manual configuration? Without using a saved backup config file?
 

mister

Regular Contributor
@mister what firmware did you update from? What router? Did you do a full reset after flashing the firmware you wanted and then did a minimal and manual configuration? Without using a saved backup config file?

Hi, I firstly made a dirty upgrade of my RT86U from 384.19 Merlin to the new beta2 Merlin.
That didn´t worked as expected. That I made an complete factory reset. After that I was not able to populate the lists anymore.

I reverted back to 384.19 and restored my jffs partion I previously backuped and the backuped configuration.
Nevertheless it seems to me, that the lists were not populated.
I made a format of the USB stick and installed x3mrouting and the other scripts completely new.


I got the following errors:
find: ‘/proc/7032/task/7032/net’: Invalid argument
find: ‘/proc/7032/net’: Invalid argument
find: ‘/proc/7033/task/7033/net’: Invalid argument
find: ‘/proc/7033/net’: Invalid argument
(x3mRouting.sh): 7255 ERROR dnsmasq.log file NOT found!
(x3mRouting.sh): 7323 Starting Script Execution 1 0 NETFLIX dnsmasq=netflix.com,nflxext.com,nflximg.com,nflximg.net,nflxso.net,nflxvideo.net,amazonaws.com

Any ideas how to solve the problem ?

Thanks a lot for your support.
 

L&LD

Part of the Furniture
Trying to help... and you're welcome. But you didn't really answer the questions I asked.

First, what model are we talking about here? The RT-AX86U or the RT-AC86U or...???

On what firmware version did you make the backup of the router settings and the JFFS partition?

Did you format the USB drive to NTFS on a PC before putting it back into the router after you flashed 384.19_0?

Did you format the JFFS partition and reboot at least twice afterward in the next 10 minutes or so before inserting the NTFS drive into the router?

Here are some suggestions to get your router back to a good/known state.

New M&M 2020

The following link may work better to get your router stable again.

Fully Reset Router and Network


Please don't select which steps you'll try. They need to be done all together, in order, and precisely too.
 

mister

Regular Contributor
Trying to help... and you're welcome. But you didn't really answer the questions I asked.

First, what model are we talking about here? The RT-AX86U or the RT-AC86U or...???

On what firmware version did you make the backup of the router settings and the JFFS partition?

Did you format the USB drive to NTFS on a PC before putting it back into the router after you flashed 384.19_0?

Did you format the JFFS partition and reboot at least twice afterward in the next 10 minutes or so before inserting the NTFS drive into the router?

Here are some suggestions to get your router back to a good/known state.

New M&M 2020

The following link may work better to get your router stable again.

Fully Reset Router and Network


Please don't select which steps you'll try. They need to be done all together, in order, and precisely too.
Sorry, my mistake.
I have the RT AC86U router which worked very well with Merlins Firmware 384.19 with Yazfi and X3mrouting installed and configured.
That worked without problems.

Immediatly before I tried out the new beta 2 firmware, I made a backup of the USB and the configuration via WebUI.

I updated to beta2 and after that, my router was not accesable via ssh anymore.
No format of the jffs partition, but I removed the USB Stick during the upgrade procedure.

I made a factory reset and with box to initialize the settings checked.

I tried to use the USB stick, but part of the lists didn´t populate anymore.
So I formated the USB Stick via amtm.
Then I created a swap file of 2GB and then installed x3mrouting and entware.

Hugo

Do I have to reset the router completly again ?
 

L&LD

Part of the Furniture
I would. The part that doesn't seem 'fresh' to me is the JFFS partition. Which would throw everything out of order.
 

mister

Regular Contributor
THanks again for your comments. I formated the jffs partition at the next reboot and installed everything again.

The other errors disappeared till one and the entries e.g.
sh /jffs/scripts/x3mRouting/x3mRouting.sh 1 0 netflixauto dnsmasq=netflix.com,nflxso.net,nflxvideo.net
seems not to work.

ERROR dnsmasq.log file NOT found!

Is the dnsmasq.log entry a problem or just an information that it is not there ? Can I manually add it to solve ?

Thanks again.
Hugo
 

L&LD

Part of the Furniture
Did you take heed of the last sentence on post 107? :)
 

mister

Regular Contributor
Did you take heed of the last sentence on post 107? :)

Yes I know, all configuration from the beginning without knowing, if that solves my problem :)
I thought, that there would be an easier way of doing that specific topic, because the rest is working normally....



PS Installing Diverson solved the dnsmasq.log error, but the population is still not occurring
I have to wait a little bit with my reset, because it takes a lot of time to reconfigure it again and the basic functions are working. In my holidays I will take a look into it. But thanks again for your support.
 
Last edited:

Jack Yaz

Part of the Furniture
Did you take heed of the last sentence on post 107? :)
Resetting the router wouldn't solve the dnsmasq log error, since its never enabled by default in the firmware. Enabling logging can be achieved manually by adding the relevant configuration to dnsmasq, or installing Diversion which can enable logging (though installing Diversion just to enable logging is massive overkill!)
 

Jack Yaz

Part of the Furniture
Yes I know, all configuration from the beginning without knowing, if that solves my problem :)
I thought, that there would be an easier way of doing that specific topic, because the rest is working normally....



PS Installing Diverson solved the dnsmasq.log error, but the population is still not occurring
I have to wait a little bit with my reset, because it takes a lot of time to reconfigure it again and the basic functions are working. In my holidays I will take a look into it. But thanks again for your support.
You may need to clear the dns cache on your device(s).
 

mister

Regular Contributor
Thanks a lot for your answers. Ok, I can ignore the error with the log then.
My problem is, that in the putty terminal the liststats are not populated anymore, but the domains are resolved correctly. Is that related to the cache?
The domains are resolved correctly, if I am using a browser, so I don't know why the lists are not populated. In the tools I also tried to switch the setting "wan: use local caching dns servers..." from no to yes but without seeing an efffect....

That was the only hint I found on github...

Any futher ideas?
 

Xentrk

Part of the Furniture
Thanks a lot for your answers. Ok, I can ignore the error with the log then.
My problem is, that in the putty terminal the liststats are not populated anymore, but the domains are resolved correctly. Is that related to the cache?
The domains are resolved correctly, if I am using a browser, so I don't know why the lists are not populated. In the tools I also tried to switch the setting "wan: use local caching dns servers..." from no to yes but without seeing an efffect....

That was the only hint I found on github...

Any futher ideas?
Here is the link how to manually configure dnsmasq logging if you don't have it enabled.


Don't forget...If you have Accept DNS Configuration set to Exclusive for the VPN connection, then dnsmasq is bypassed and the ipset lists won't be populated. You'll have to use one of the work around solutions available. However, I've found that after the list has been populated, you can set Accept DNS Configuration back to Exclusive. The list won't get updated any longer with IPv4 addresses, but the iptables rule to route the traffic will work.
 

Xentrk

Part of the Furniture
Should have specified that I did have an active OpenVPN rule. Is there a preferred method for routing?
It really depends on the use case. I could never get BBC to work using ASN method and found I had to use dnsmasq method to get it to work. Using dnsmasq method for Netflix is very specific whereas AS2906 is AWS for Netflix and other streaming services that may cast too wide of a net. So it just depends.
 

Xentrk

Part of the Furniture
Dear Xentrk,
thanks a lot for your hints and your suggestions.
Meanwhile I have a workaround for the problem, because my problem is not easy to reproduce:

1. I paused "#" all ASN number entries
2. I add the following command into the services-start file: sleep 60 && sh ./jffs/scripts/nat-start

So the nat-start is running twice. With that approach all lists are populated correctly without any lock and the routing is working.
I will test your approach as well.

Hugo.
Hi Hugo,

The sleep shouldn't be required. But won't cause any harm. Keep in mind that nat-start will run early in the boot process. It does not require that OpenVPN be active. I suspect if one has the check box on the OpenVPN screen checked to block internet traffic if the tunnel goes down may prevent the ipset lists from being populated at boot time. But I would need to test as the iptables rule wouldn't be enabled yet until OpenVPN starts. That is why I suggested unchecking the option to see if it had any effect on your issue if you have it checked. A detailed look at the system log may help determine what is going on.
 

Xentrk

Part of the Furniture
@Sean Rhodes
I uploaded the list to a miscellaneous repo on GitHub created from the following:
Code:
sh /jffs/scripts/x3mRouting/x3mRouting.sh ALL 3 BBC_WEB4 dnsmasq=2cnt.net,bbc.com,bbcverticals.com,co.uk,llnwi.net,net.uk

Download BBC_WEB4 ipset list:
Code:
/usr/sbin/curl --retry 3 "https://github.com/Xentrk/Asuswrt-Merlin-Linux-Shell-Scripts/blob/master/BBC_WEB4" -o "/opt/tmp/BBC_WEB4"

Please give it a try. You should be able to set Accept DNS Configuration to exclusive. The list will no longer populate from dnsmasq. but the routing rule will still work for the ipv4 addresses in the ipset list.
 
Last edited:

Xentrk

Part of the Furniture
I'm kind of lost to be honest, it's overwhelming to do this for a newbie. I want to route traffic from specific devices to a vpn specifically the Xbox live ips
You can use the OpenVPN screen to route a device to the WAN.

A common configuration setup where you want your whole LAN to go through the VPN, but not the router itself or the Xbox:

Code:
LAN        192.168.1.0/24    0.0.0.0        VPN
Router        192.168.1.1    0.0.0.0        WAN
XBox          191.168.1.20   0.0.0.0        WAN
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top