Browse Source

Merge pull request #4004 from stangri/vpnbypass

vpnbypass: updated README (linked from luci app)
lilik-openwrt-22.03
Hannu Nyman 8 years ago
committed by GitHub
parent
commit
5404e41a37
4 changed files with 15 additions and 8 deletions
  1. +1
    -1
      net/vpnbypass/Makefile
  2. +13
    -6
      net/vpnbypass/files/README.md
  3. BIN
      net/vpnbypass/files/screenshot.png
  4. +1
    -1
      net/vpnbypass/files/vpnbypass.init

+ 1
- 1
net/vpnbypass/Makefile View File

@ -48,7 +48,7 @@ define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/vpnbypass.conf $(1)/etc/config/vpnbypass
$(INSTALL_DIR) $(1)/etc/hotplug.d/firewall
$(INSTALL_DATA) ./files/vpnbypass.hotplug $(1)/etc/hotplug.d/firewall/92-vpnbypass
$(INSTALL_DATA) ./files/vpnbypass.hotplug $(1)/etc/hotplug.d/firewall/94-vpnbypass
endef
$(eval $(call BuildPackage,$(PKG_NAME)))

+ 13
- 6
net/vpnbypass/files/README.md View File

@ -1,4 +1,4 @@
# OpenWrt VPNBypass
# VPN Bypass
A simple PROCD-based vpnbypass service for OpenWrt/LEDE Project. Useful if your router accesses internet thru VPN client/tunnel, but you want specific traffic (ports, IP ranges, domains or local IP ranges) to be routed outside of this tunnel.
## Features
@ -10,11 +10,15 @@ A simple PROCD-based vpnbypass service for OpenWrt/LEDE Project. Useful if your
- Has a companion package (luci-app-vpnbypass) so everything can be configured with Web UI.
- Proudly made in Canada, using locally-sourced electrons.
## Screenshot (luci-app-vpnbypass)
![screenshot](screenshot.png "screenshot")
## Requirements
This service requires following packages to be installed on your router: ip-full ipset iptables dnsmasq-full (ip-full requires you uninstall ip first; dnsmasq-full requires you uninstall dnsmasq first). Run the following commands to satisfy the requirements:
This service requires following packages to be installed on your router: ```ip-full ipset iptables dnsmasq-full``` (```ip-full``` requires you uninstall ```ip``` first; ```dnsmasq-full``` requires you uninstall ```dnsmasq``` first). Run the following commands to satisfy the requirements:
```sh
opkg update
opkg remove dnsmasq ip; opkg install ip-full ipset iptables dnsmasq-full
opkg remove dnsmasq ip
opkg install ip-full ipset iptables dnsmasq-full
```
## How to install
@ -25,7 +29,10 @@ opkg install vpnbypass luci-app-vpnbypass
Default install routes Plex Media Server traffic (port 32400) outside of the VPN tunnel, routes LogmeIn Hamachi traffic (25.0.0.0/8) outside of the VPN tunnel and also routes internet traffic from local IPs 192.168.1.81-192.168.1.87 outside of the VPN tunnel. You can safely delete these example rules if they do not apply to you.
## Documentation / Discussion
Please head to [LEDE Project Forum](https://forum.lede-project.org/t/vpn-bypass-split-tunneling-service-luci-ui/1106) or [OpenWrt Forum]() for discussions of this service.
Please head to [LEDE Project Forum](https://forum.lede-project.org/t/vpn-bypass-split-tunneling-service-luci-ui/1106) for discussions of this service.
### Bypass Domains Format/Syntax
Domain lists should be in following format/syntax: ```/domain1.com/domain2.com/vpnbypass```. Please don't forget the leading ```/``` and trailing ```/vpnbypass```. There's no validation if you enter something incorrectly -- it just won't work. Please see [Notes/Known Issues](#notesknown-issues) if you want to edit this setting manually, without Web UI.
## What's New
1.1.1
@ -47,8 +54,8 @@ Please head to [LEDE Project Forum](https://forum.lede-project.org/t/vpn-bypass-
0.0.1:
- Initial release.
## Known Issues
Until user-defined domains are supported within vpnbypass config, you can set domains to be accessed outside of VPN tunnel like so:
## Notes/Known Issues
Domains to be accessed outside of VPN tunnel are not defined in ```/etc/config/vpnpass```, but rather in ```/etc/config/dhcp```. To add/delete/edit domains you can use VPN Bypass Web UI or you can edit ```/etc/config/dhcp``` manually or run following commands:
```sh
uci add_list dhcp.@dnsmasq[-1].ipset='/github.com/plex.tv/google.com/vpnbypass'
uci add_list dhcp.@dnsmasq[-1].ipset='/hulu.com/netflix.com/nhl.com/vpnbypass'


BIN
net/vpnbypass/files/screenshot.png View File

Before After
Width: 783  |  Height: 699  |  Size: 88 KiB

+ 1
- 1
net/vpnbypass/files/vpnbypass.init View File

@ -42,7 +42,7 @@ start_service() {
procd_close_instance
source /lib/functions/network.sh
while : ; do network_get_ipaddr wanip wan; network_get_gateway gwip wan; [ $c -ge 5 ] && break || let "c+=1"; [ -n "$wanip" -a -n "$gwip" ] && break || output "$p_name waiting for wan gateway...\n"; sleep 2; network_flush_cache; done
while : ; do network_get_ipaddr wanip wan; network_get_gateway gwip wan; [ $c -ge 15 ] && break || let "c+=1"; [ -n "$wanip" -a -n "$gwip" ] && break || output "$p_name waiting for wan gateway...\n"; sleep 2; network_flush_cache; done
[ -z "$wanip" -o -z "$gwip" ] && output "ERROR: $p_name could not get wan interface IP: $wanip or gateway: $gwip!\n" && exit 0
for ll in ${routes}; do { [ "$ll" = "${ll#*\/*}" ] && ll="${ll}/32"; ip route del $ll; ip route add $ll via $gwip; } >/dev/null 2>&1; done


Loading…
Cancel
Save