Here is an updated script that does not rely on the actual IP address of Plex…
# http://www.linksysinfo.org/index.php?threads/routing-traffic-between-regular-i - Pastebin.com
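# Routing traffic between regular ISP and two VPN connections | LinksysInfo.org
# Put this in the Firewall portion of the script section in Administration
#
# Split tunnel: packets carrying FW_MARK are looked up in routing table TID,
# whose default route is the WAN gateway instead of an OpenVPN client tunnel
# (tun11/tun12).  A packet is marked when its TCP source port is 3000, 8085
# or 32400, or when its destination address is a member of the ipset IPSET.
#
# Paste repairs applied here: the leading "! " on every line was a paste
# artifact, typographic quotes are not shell quotes, the rp_filter glob had
# lost its "*", and the route-copy pipeline was split without a continuation.

#!/bin/sh
set -x # uncomment/comment to enable/disable debug mode (trace goes to syslog)

(
TID="200"
FW_MARK="0x88"
IPSET="myipset"

# cleanup from prior execution (errors are expected on a first run, so the
# whole group is silenced)
(
  # stop split tunnel
  ip rule del fwmark "$FW_MARK" table "$TID"

  # delete firewall rules
  # NOTE(review): this flushes the ENTIRE mangle table, not only the rules
  # added below; any other marking rules in that table are removed as well.
  iptables -t mangle -F

  # delete ipset hash table
  ipset -F "$IPSET"
  ipset -X "$IPSET"

  # delete alternate routing table
  ip route flush table "$TID"

  # force routing system to recognize our changes
  ip route flush cache

  # enable reverse path filtering
  for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > "$i"; done

  sleep 3
) > /dev/null 2>&1

# quit if neither OpenVPN client is active
if ! ip route show | grep -Eqm1 'tun1[1-2]'; then
  exit 0
fi

# copy main routing table (exclude all default gateway routes)
ip route show | grep -Ev '^default|^0\.0\.0\.0/1|^128\.0\.0\.0/1' |
  while read -r route; do
    # $route is left unquoted on purpose: it must split into ip(8) arguments
    ip route add $route table "$TID"
  done

# add WAN as default gateway
WAN_GW="$(nvram get wan_gateway)"
if [ -z "$WAN_GW" ]; then
  # Stop before reverse path filtering is switched off and marks are
  # installed for a table that would have no default route.
  echo "no WAN gateway returned by nvram; split tunnel not started"
  exit 1
fi
ip route add default via "$WAN_GW" table "$TID"

# force routing system to recognize our changes
ip route flush cache

# disable reverse path filtering
# NOTE(review): this turns off source-address validation on every interface
# under conf/, the WAN side included, which removes a spoofing check.
# Consider limiting it to the interfaces the split tunnel actually uses, or
# loose mode (2) if the router's kernel supports it -- confirm on the device.
for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 0 > "$i"; done

# load required netfilter modules
(modprobe xt_set || modprobe ipt_set) 2> /dev/null

# create ipset hash table
insmod ip_set_hash_ip
ipset -N "$IPSET" iphash -q
ipset -F "$IPSET"

# add firewall rule
iptables -t mangle -A PREROUTING -p tcp -m multiport --sport 3000,8085,32400 -j MARK --set-mark "$FW_MARK"
iptables -t mangle -A PREROUTING -m set --match-set "$IPSET" dst -j MARK --set-mark "$FW_MARK"

# OUTPUT for Admin page of router (Set port for your setting)
# NOTE(review): this sends the router's own replies from port 8080 out via
# the WAN, presumably so the admin page answers WAN-side clients.  If the
# admin page is not meant to be reachable from the WAN, leave this rule out;
# if it is, restrict which sources may reach that port in the filter table.
iptables -t mangle -A OUTPUT -p tcp -m multiport --sport 8080 -j MARK --set-mark "$FW_MARK"

# start split tunnel
ip rule add fwmark "$FW_MARK" table "$TID"

) 2>&1 | logger -t "ovpn_split[$$]"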
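In addition, put this in your DNSMasq custom configuration, so that dnsmasq adds the addresses it resolves for these domains to the ipset (the last field, myipset, must match the IPSET value in the script):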
ipset=/netflix.com/google.com/plex.tv/my.plexapp.com/canyouseeme.org/myipset