Lightweight policy-based routing

Philip Prindeville philipp_subx at redfish-solutions.com
Fri Dec 4 14:32:48 EST 2020


Hi.

I’m currently manually doing the following in a script but was wondering if there was an easy way to do this in UCI, such as in /etc/config/network:

#!/bin/sh

INTF=xfrm0
STB=192.168.3.6/24
TABLE=stb
GW2=192.168.1.252
NETS="151.101.0.0/16"

eval `ipcalc -n -p $STB`

if ! grep -q "^200 $TABLE" /etc/iproute2/rt_tables; then
    echo "200 $TABLE" >> /etc/iproute2/rt_tables
fi

for NET in $NETS; do
    ip route add $NET via $GW2 dev $INTF table $TABLE
done
ip route add $NETWORK/$PREFIX dev br-lan table $TABLE

ip route flush cache

ip rule add from ${STB%%/*} table $TABLE


Basically, I have an STB that I travel with that mostly works on the road, but one of the services is anchored to my home IP so I have to backhaul that with VPN to get it to work, and that service is hosted on fastly.

Is there any easy way to integrate this into my OpenWRT config?  (Yes, I also have a RPi4 that I use as a portable pocket firewall/hotspot…)

Thanks,

-Philip






More information about the openwrt-devel mailing list