Ramboxman
Explorer
- Joined
- Jun 20, 2013
- Messages
- 63
So I was able to set my dd-wrt router to forward a static IP address. I tried this with my PC and laptop; my laptop was set to tunnel thru OpenVPN and it worked. I then changed the IP to my jail and I think it works; my PC is not being tunneled, but I'm not sure if my static IP on the jail is. With my PC it's easy to go to a website and do an iptrace (en.utrace.de), but is there a way to check from the shell or SSH on FreeNAS?
Extra info dd-wrt setting:

```sh
# Credentials file read by OpenVPN (first write truncates so re-runs do not append)
echo username > /tmp/password.txt
echo password >> /tmp/password.txt

/usr/bin/killall openvpn
/usr/sbin/openvpn --config /tmp/openvpncl/openvpn.conf \
    --route-up /tmp/openvpncl/route-up.sh \
    --down-pre /tmp/openvpncl/route-down.sh --daemon

# Wait for PIA connection before setting up new routing rules
sleep 30

# Disable reverse-path filtering on every interface
for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
    echo 0 > "$i"
done

# Clear any previous policy-routing state
ip route flush table 100
ip route del default table 100
ip rule del fwmark 1 table 100
ip route flush cache
iptables -t mangle -F PREROUTING

# Copy the main table into table 100, minus the default route and tun1 routes
ip route show table main | grep -Ev ^default | grep -Ev tun1 \
    | while read -r ROUTE ; do
        ip route add table 100 $ROUTE
    done

# Table 100 sends traffic out the WAN gateway; packets with fwmark 1 use it
ip route add default table 100 via $(nvram get wan_gateway)
ip rule add fwmark 1 table 100
ip route flush cache

# By default all traffic bypasses the VPN
iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 1

# These devices explicitly go thru VPN (set-mark 0)
iptables -t mangle -A PREROUTING -i br0 -s 192.168.1.xxx -j MARK --set-mark 0
iptables -t mangle -A PREROUTING -i br0 -s 192.168.1.xxx -j MARK --set-mark 0

# *** Make script for turning VPN on/off on devices ***
# Type sh /tmp/show-mytable to see table - MARK and 0x0 is VPN on
# Type sh /tmp/novpn-line [linenum in table] to turn off VPN
# Type sh /tmp/vpn-ip [last 3 digits of ip] to turn VPN
echo "#!/bin/sh
iptables -t mangle -D PREROUTING \$1
iptables -t mangle -L PREROUTING" > /tmp/novpn-line

echo "#!/bin/sh
iptables -t mangle -A PREROUTING -i br0 -s 192.168.1.\$1 -j MARK --set-mark 0
iptables -t mangle -L PREROUTING" > /tmp/vpn-ip

echo "#!/bin/sh
iptables -t mangle -L PREROUTING" > /tmp/show-mytable

chmod +x /tmp/novpn-line /tmp/vpn-ip /tmp/show-mytable
```

Replace 192.168.1.xxx with your IP.
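A router-side way to see which path a given LAN address takes under the mark rules in the post, as an added example that is not part of the original post. The helper name `effective_path`, the address 192.168.1.50 and the sample rule dump are constructed for illustration; it assumes the router's iptables can print rules in `-S` form.

```shell
#!/bin/sh
# Added example (not from the post). MARK is a non-terminating target, so the
# LAST matching rule decides the mark: 1 -> table 100 (WAN gateway, bypass),
# 0 -> main table, whose default route is the tunnel (vpn).
#
# effective_path <source-ip> [in-interface]   (hypothetical helper)
# stdin: `iptables -t mangle -S PREROUTING` lines. Only host sources
# (a.b.c.d or a.b.c.d/32) are matched; subnet and negated matches are not.
effective_path() (
    set -f                                   # no globbing while splitting rules
    want_src=$1
    want_if=${2:-br0}
    mark=0                                   # unmarked packets carry mark 0
    while read -r line; do
        set -- $line                         # split the rule into words
        [ "$1" = "-A" ] && [ "$2" = "PREROUTING" ] || continue
        shift 2
        src="" inif="" target="" value=""
        while [ $# -gt 0 ]; do
            case $1 in
                -s) src=${2%/32}; shift ;;
                -i) inif=$2; shift ;;
                -j) target=$2; shift ;;
                --set-mark|--set-xmark) value=${2%%/*}; shift ;;
            esac
            if [ $# -gt 0 ]; then shift; fi
        done
        [ "$target" = "MARK" ] && [ -n "$value" ] || continue
        [ -z "$inif" ] || [ "$inif" = "$want_if" ] || continue
        [ -z "$src" ] || [ "$src" = "$want_src" ] || continue
        mark=$(($value))                     # decimal or 0x-prefixed hex
    done
    if [ "$mark" -eq 1 ]; then echo bypass; else echo vpn; fi
)

# Constructed sample of the rules the startup script installs; 192.168.1.50
# stands in for the elided 192.168.1.xxx. Both mark spellings are exercised.
sample_rules() {
    cat <<'EOF'
-P PREROUTING ACCEPT
-A PREROUTING -i br0 -j MARK --set-mark 0x1
-A PREROUTING -s 192.168.1.50/32 -i br0 -j MARK --set-xmark 0x0/0xffffffff
EOF
}

sample_rules | effective_path 192.168.1.50   # listed address
sample_rules | effective_path 192.168.1.20   # unlisted address
```

Rule order is what matters here: a per-device `--set-mark 0` rule that ends up above the catch-all `--set-mark 1` rule is overridden, and that device silently bypasses the tunnel.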