Browse Source

Merge pull request #4004 from stangri/vpnbypass

vpnbypass: updated README (linked from luci app)
lilik-openwrt-22.03
Hannu Nyman 8 years ago
committed by GitHub
parent
commit
5404e41a37
4 changed files with 15 additions and 8 deletions
  1. +1
    -1
      net/vpnbypass/Makefile
  2. +13
    -6
      net/vpnbypass/files/README.md
  3. BIN
      net/vpnbypass/files/screenshot.png
  4. +1
    -1
      net/vpnbypass/files/vpnbypass.init

+ 1
- 1
net/vpnbypass/Makefile View File

@ -48,7 +48,7 @@ define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/etc/config $(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/vpnbypass.conf $(1)/etc/config/vpnbypass $(INSTALL_CONF) ./files/vpnbypass.conf $(1)/etc/config/vpnbypass
$(INSTALL_DIR) $(1)/etc/hotplug.d/firewall $(INSTALL_DIR) $(1)/etc/hotplug.d/firewall
$(INSTALL_DATA) ./files/vpnbypass.hotplug $(1)/etc/hotplug.d/firewall/92-vpnbypass
$(INSTALL_DATA) ./files/vpnbypass.hotplug $(1)/etc/hotplug.d/firewall/94-vpnbypass
endef endef
$(eval $(call BuildPackage,$(PKG_NAME))) $(eval $(call BuildPackage,$(PKG_NAME)))

+ 13
- 6
net/vpnbypass/files/README.md View File

@ -1,4 +1,4 @@
# OpenWrt VPNBypass
# VPN Bypass
A simple PROCD-based vpnbypass service for OpenWrt/LEDE Project. Useful if your router accesses internet thru VPN client/tunnel, but you want specific traffic (ports, IP ranges, domains or local IP ranges) to be routed outside of this tunnel. A simple PROCD-based vpnbypass service for OpenWrt/LEDE Project. Useful if your router accesses internet thru VPN client/tunnel, but you want specific traffic (ports, IP ranges, domains or local IP ranges) to be routed outside of this tunnel.
## Features ## Features
@ -10,11 +10,15 @@ A simple PROCD-based vpnbypass service for OpenWrt/LEDE Project. Useful if your
- Has a companion package (luci-app-vpnbypass) so everything can be configured with Web UI. - Has a companion package (luci-app-vpnbypass) so everything can be configured with Web UI.
- Proudly made in Canada, using locally-sourced electrons. - Proudly made in Canada, using locally-sourced electrons.
## Screenshot (luci-app-vpnbypass)
![screenshot](screenshot.png "screenshot")
## Requirements ## Requirements
This service requires following packages to be installed on your router: ip-full ipset iptables dnsmasq-full (ip-full requires you uninstall ip first; dnsmasq-full requires you uninstall dnsmasq first). Run the following commands to satisfy the requirements:
This service requires following packages to be installed on your router: ```ip-full ipset iptables dnsmasq-full``` (```ip-full``` requires you uninstall ```ip``` first; ```dnsmasq-full``` requires you uninstall ```dnsmasq``` first). Run the following commands to satisfy the requirements:
```sh ```sh
opkg update opkg update
opkg remove dnsmasq ip; opkg install ip-full ipset iptables dnsmasq-full
opkg remove dnsmasq ip
opkg install ip-full ipset iptables dnsmasq-full
``` ```
## How to install ## How to install
@ -25,7 +29,10 @@ opkg install vpnbypass luci-app-vpnbypass
Default install routes Plex Media Server traffic (port 32400) outside of the VPN tunnel, routes LogmeIn Hamachi traffic (25.0.0.0/8) outside of the VPN tunnel and also routes internet traffic from local IPs 192.168.1.81-192.168.1.87 outside of the VPN tunnel. You can safely delete these example rules if they do not apply to you. Default install routes Plex Media Server traffic (port 32400) outside of the VPN tunnel, routes LogmeIn Hamachi traffic (25.0.0.0/8) outside of the VPN tunnel and also routes internet traffic from local IPs 192.168.1.81-192.168.1.87 outside of the VPN tunnel. You can safely delete these example rules if they do not apply to you.
## Documentation / Discussion ## Documentation / Discussion
Please head to [LEDE Project Forum](https://forum.lede-project.org/t/vpn-bypass-split-tunneling-service-luci-ui/1106) or [OpenWrt Forum]() for discussions of this service.
Please head to [LEDE Project Forum](https://forum.lede-project.org/t/vpn-bypass-split-tunneling-service-luci-ui/1106) for discussions of this service.
### Bypass Domains Format/Syntax
Domain lists should be in following format/syntax: ```/domain1.com/domain2.com/vpnbypass```. Please don't forget the leading ```/``` and trailing ```/vpnbypass```. There's no validation if you enter something incorrectly -- it just won't work. Please see [Notes/Known Issues](#notesknown-issues) if you want to edit this setting manually, without Web UI.
## What's New ## What's New
1.1.1 1.1.1
@ -47,8 +54,8 @@ Please head to [LEDE Project Forum](https://forum.lede-project.org/t/vpn-bypass-
0.0.1: 0.0.1:
- Initial release. - Initial release.
## Known Issues
Until user-defined domains are supported within vpnbypass config, you can set domains to be accessed outside of VPN tunnel like so:
## Notes/Known Issues
Domains to be accessed outside of VPN tunnel are not defined in ```/etc/config/vpnpass```, but rather in ```/etc/config/dhcp```. To add/delete/edit domains you can use VPN Bypass Web UI or you can edit ```/etc/config/dhcp``` manually or run following commands:
```sh ```sh
uci add_list dhcp.@dnsmasq[-1].ipset='/github.com/plex.tv/google.com/vpnbypass' uci add_list dhcp.@dnsmasq[-1].ipset='/github.com/plex.tv/google.com/vpnbypass'
uci add_list dhcp.@dnsmasq[-1].ipset='/hulu.com/netflix.com/nhl.com/vpnbypass' uci add_list dhcp.@dnsmasq[-1].ipset='/hulu.com/netflix.com/nhl.com/vpnbypass'


BIN
net/vpnbypass/files/screenshot.png View File

Before After
Width: 783  |  Height: 699  |  Size: 88 KiB

+ 1
- 1
net/vpnbypass/files/vpnbypass.init View File

@ -42,7 +42,7 @@ start_service() {
procd_close_instance procd_close_instance
source /lib/functions/network.sh source /lib/functions/network.sh
while : ; do network_get_ipaddr wanip wan; network_get_gateway gwip wan; [ $c -ge 5 ] && break || let "c+=1"; [ -n "$wanip" -a -n "$gwip" ] && break || output "$p_name waiting for wan gateway...\n"; sleep 2; network_flush_cache; done
while : ; do network_get_ipaddr wanip wan; network_get_gateway gwip wan; [ $c -ge 15 ] && break || let "c+=1"; [ -n "$wanip" -a -n "$gwip" ] && break || output "$p_name waiting for wan gateway...\n"; sleep 2; network_flush_cache; done
[ -z "$wanip" -o -z "$gwip" ] && output "ERROR: $p_name could not get wan interface IP: $wanip or gateway: $gwip!\n" && exit 0 [ -z "$wanip" -o -z "$gwip" ] && output "ERROR: $p_name could not get wan interface IP: $wanip or gateway: $gwip!\n" && exit 0
for ll in ${routes}; do { [ "$ll" = "${ll#*\/*}" ] && ll="${ll}/32"; ip route del $ll; ip route add $ll via $gwip; } >/dev/null 2>&1; done for ll in ${routes}; do { [ "$ll" = "${ll#*\/*}" ] && ll="${ll}/32"; ip route del $ll; ip route add $ll via $gwip; } >/dev/null 2>&1; done


Loading…
Cancel
Save