diff --git a/net/vpnbypass/Makefile b/net/vpnbypass/Makefile index 177c57bff..c0db99068 100644 --- a/net/vpnbypass/Makefile +++ b/net/vpnbypass/Makefile @@ -48,7 +48,7 @@ define Package/$(PKG_NAME)/install $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) ./files/vpnbypass.conf $(1)/etc/config/vpnbypass $(INSTALL_DIR) $(1)/etc/hotplug.d/firewall - $(INSTALL_DATA) ./files/vpnbypass.hotplug $(1)/etc/hotplug.d/firewall/92-vpnbypass + $(INSTALL_DATA) ./files/vpnbypass.hotplug $(1)/etc/hotplug.d/firewall/94-vpnbypass endef $(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/net/vpnbypass/files/README.md b/net/vpnbypass/files/README.md index e0286a582..87e6fe234 100644 --- a/net/vpnbypass/files/README.md +++ b/net/vpnbypass/files/README.md @@ -1,4 +1,4 @@ -# OpenWrt VPNBypass +# VPN Bypass A simple PROCD-based vpnbypass service for OpenWrt/LEDE Project. Useful if your router accesses internet thru VPN client/tunnel, but you want specific traffic (ports, IP ranges, domains or local IP ranges) to be routed outside of this tunnel. ## Features @@ -10,11 +10,15 @@ A simple PROCD-based vpnbypass service for OpenWrt/LEDE Project. Useful if your - Has a companion package (luci-app-vpnbypass) so everything can be configured with Web UI. - Proudly made in Canada, using locally-sourced electrons. +## Screenshot (luci-app-vpnbypass) +![screenshot](screenshot.png "screenshot") + ## Requirements -This service requires following packages to be installed on your router: ip-full ipset iptables dnsmasq-full (ip-full requires you uninstall ip first; dnsmasq-full requires you uninstall dnsmasq first). Run the following commands to satisfy the requirements: +This service requires following packages to be installed on your router: ```ip-full ipset iptables dnsmasq-full``` (```ip-full``` requires you uninstall ```ip``` first; ```dnsmasq-full``` requires you uninstall ```dnsmasq``` first). Run the following commands to satisfy the requirements: ```sh opkg update -opkg remove dnsmasq ip; opkg install ip-full ipset iptables dnsmasq-full +opkg remove dnsmasq ip +opkg install ip-full ipset iptables dnsmasq-full ``` ## How to install @@ -25,7 +29,10 @@ opkg install vpnbypass luci-app-vpnbypass Default install routes Plex Media Server traffic (port 32400) outside of the VPN tunnel, routes LogmeIn Hamachi traffic (25.0.0.0/8) outside of the VPN tunnel and also routes internet traffic from local IPs 192.168.1.81-192.168.1.87 outside of the VPN tunnel. You can safely delete these example rules if they do not apply to you. ## Documentation / Discussion -Please head to [LEDE Project Forum](https://forum.lede-project.org/t/vpn-bypass-split-tunneling-service-luci-ui/1106) or [OpenWrt Forum]() for discussions of this service. +Please head to [LEDE Project Forum](https://forum.lede-project.org/t/vpn-bypass-split-tunneling-service-luci-ui/1106) for discussions of this service. + +### Bypass Domains Format/Syntax +Domain lists should be in following format/syntax: ```/domain1.com/domain2.com/vpnbypass```. Please don't forget the leading ```/``` and trailing ```/vpnbypass```. There's no validation if you enter something incorrectly -- it just won't work. Please see [Notes/Known Issues](#notesknown-issues) if you want to edit this setting manually, without Web UI. ## What's New 1.1.1 @@ -47,8 +54,8 @@ Please head to [LEDE Project Forum](https://forum.lede-project.org/t/vpn-bypass- 0.0.1: - Initial release. -## Known Issues -Until user-defined domains are supported within vpnbypass config, you can set domains to be accessed outside of VPN tunnel like so: +## Notes/Known Issues +Domains to be accessed outside of VPN tunnel are not defined in ```/etc/config/vpnpass```, but rather in ```/etc/config/dhcp```. To add/delete/edit domains you can use VPN Bypass Web UI or you can edit ```/etc/config/dhcp``` manually or run following commands: ```sh uci add_list dhcp.@dnsmasq[-1].ipset='/github.com/plex.tv/google.com/vpnbypass' uci add_list dhcp.@dnsmasq[-1].ipset='/hulu.com/netflix.com/nhl.com/vpnbypass' diff --git a/net/vpnbypass/files/screenshot.png b/net/vpnbypass/files/screenshot.png new file mode 100644 index 000000000..02cf69639 Binary files /dev/null and b/net/vpnbypass/files/screenshot.png differ diff --git a/net/vpnbypass/files/vpnbypass.init b/net/vpnbypass/files/vpnbypass.init index 74aa40008..00a874978 100644 --- a/net/vpnbypass/files/vpnbypass.init +++ b/net/vpnbypass/files/vpnbypass.init @@ -42,7 +42,7 @@ start_service() { procd_close_instance source /lib/functions/network.sh - while : ; do network_get_ipaddr wanip wan; network_get_gateway gwip wan; [ $c -ge 5 ] && break || let "c+=1"; [ -n "$wanip" -a -n "$gwip" ] && break || output "$p_name waiting for wan gateway...\n"; sleep 2; network_flush_cache; done + while : ; do network_get_ipaddr wanip wan; network_get_gateway gwip wan; [ $c -ge 15 ] && break || let "c+=1"; [ -n "$wanip" -a -n "$gwip" ] && break || output "$p_name waiting for wan gateway...\n"; sleep 2; network_flush_cache; done [ -z "$wanip" -o -z "$gwip" ] && output "ERROR: $p_name could not get wan interface IP: $wanip or gateway: $gwip!\n" && exit 0 for ll in ${routes}; do { [ "$ll" = "${ll#*\/*}" ] && ll="${ll}/32"; ip route del $ll; ip route add $ll via $gwip; } >/dev/null 2>&1; done