This shows you the differences between two versions of the page.
unix:networking:openwrt_routing [2014/04/30 05:23] ben |
unix:networking:openwrt_routing [2015/11/17 07:10] (current) ben [Transmission Update Script] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== "Split" VPN routing with OpenWRT/Tomato ====== | ====== "Split" VPN routing with OpenWRT/Tomato ====== | ||
- | The point of this is to route traffic for specific LAN IP addresses (my NAS) through an openVPN connection on a router running OpenWRT/Tomato firmware. I'm also running "tinyproxy" on the NAS so I can have an individual browser configured on my own station to route through the VPN as well. | + | This is an explanation of how I route traffic for specific LAN IP addresses (my NAS) through an OpenVPN connection on a router running OpenWRT/Tomato firmware. I'm also running "tinyproxy" on the NAS so other clients can use the VPN connection on the router as necessary. |
I've never used awk before and didn't devote a lot of time to these scripts, so save your judgement please. | I've never used awk before and didn't devote a lot of time to these scripts, so save your judgement please. | ||
Line 18: | Line 18: | ||
</code> | </code> | ||
- | Contents of Administration->Scripts->Init: | + | Contents of Administration->Scripts->Init: //(I don't use this anymore but figured I'd leave it documented)// |
<code> | <code> | ||
#Mount optware | #Mount optware | ||
Line 51: | Line 51: | ||
down /opt/etc/scripts/vpnroutedown.sh | down /opt/etc/scripts/vpnroutedown.sh | ||
</code> | </code> | ||
+ | |||
+ | Two files are necessary: | ||
Contents of pia.txt is VPN username on first line, password on second line. | Contents of pia.txt is VPN username on first line, password on second line. | ||
+ | Contents of pia_client_id is a random string: ''head -n 100 /dev/urandom | md5 > pia_client_id'' | ||
===== VPN Scripts ===== | ===== VPN Scripts ===== | ||
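Review bot: The added `pia_client_id` line uses `md5`, which is the BSD/macOS command name; if the file is generated on the router, the BusyBox tool is normally `md5sum`, and its output carries a trailing `-` filename field that would end up in the file unless it is cut off (for example with `| cut -d' ' -f1`). `head -n 100 /dev/urandom` also reads an unpredictable amount of binary data, so a byte count (`head -c`, where the build supports it) is easier to reason about. Since pia.txt holds the VPN username and password in clear text, the page should also say what permissions both files need, such as `chmod 600`.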
Line 80: | Line 83: | ||
for host in $vpndhosts;do for server in $dnsservers;do ip rule add from $host to $server lookup main;ip rule add from $server to $host lookup main;done;done | for host in $vpndhosts;do for server in $dnsservers;do ip rule add from $host to $server lookup main;ip rule add from $server to $host lookup main;done;done | ||
- | /opt/etc/scripts/port_forward_update.sh | + | /opt/etc/scripts/port_forward_update.sh & |
</code> | </code> | ||
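Review bot: With the trailing `&` added to `/opt/etc/scripts/port_forward_update.sh`, the route-up script returns before the port forward is in place, and the update script's output and exit status are no longer visible to the caller. Consider redirecting its output to a log file, and guarding against two copies running at once if the VPN reconnects while an earlier run is still going (a lock directory created with `mkdir` is enough).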
Line 92: | Line 95: | ||
===== Port-forward Script ===== | ===== Port-forward Script ===== | ||
- | This is specific to Private Internet Access's method for getting a port forwarding port via an HTTPS request. It uses iptables PREROUTING to forward the port to the internal LAN address. Once the port is retrieved, if there's no forwarding enabled currently, it gets enabled. If it's different from what is currently forwarded, it replaces what's currently in place. Once the ports are setup it calls the script to update the transmission config. | + | This is specific to Private Internet Access's method for getting a port forwarding port via an HTTPS request. It uses iptables PREROUTING with the NAT table to forward the port to the internal LAN address. Once the port is retrieved, if there's no forwarding enabled currently, it gets enabled. If it's different from what is currently forwarded, it replaces what's currently in place. Once the ports are setup it calls the script to update the transmission config. |
Contents of port_forward_update.sh: | Contents of port_forward_update.sh: | ||
Line 152: | Line 155: | ||
#!/bin/sh | #!/bin/sh | ||
echo $1 to $2 | echo $1 to $2 | ||
- | ssh -i /opt/etc/pia/id_rsa root@nas cp /etc/transmission-daemon/settings.json /etc/transmission-daemon/settings.json.bak | + | transmissionhost=192.168.33.200 |
- | ssh -i /opt/etc/pia/id_rsa root@nas "cat /etc/transmission-daemon/settings.json.bak | sed -e s#\:\ $1,#\:\ $2,#g > /etc/transmission-daemon/settings.json" | + | settingspath=/usr/local/transmission/var |
- | ssh -i /opt/etc/pia/id_rsa root@nas killall -HUP transmission-daemon | + | settingsfile=$settingspath/settings.json |
+ | |||
+ | ssh -i /opt/etc/pia/id_rsa root@$transmissionhost cp $settingsfile $settingsfile.bak | ||
+ | #ssh -i /opt/etc/pia/id_rsa root@$transmissionhost ls -l $settingsfile $settingsfile.bak | ||
+ | ssh -i /opt/etc/pia/id_rsa root@$transmissionhost 'cat '"'$settingsfile.bak'"' | sed -e s#\ \ \ \"peer-port\"\:\ [0-9][0-9][0-9][0-9][0-9],#\ \ \ \"peer-port\"\:\ '"'$2'"',#g > '"'$settingsfile'"'' | ||
+ | ssh -i /opt/etc/pia/id_rsa root@$transmissionhost grep peer-port $settingsfile $settingsfile.bak | ||
+ | ssh -i /opt/etc/pia/id_rsa root@$transmissionhost killall -HUP transmission-daemon | ||
</code> | </code> | ||
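Review bot: On the `sed` line, `$2` is spliced into a command that runs as root on `$transmissionhost` without being checked, and per the port-forward description it originates from an HTTPS response; reject anything that is not all digits before the first `ssh` call, e.g. `case "$2" in ''|*[!0-9]*) exit 1;; esac`. The pattern `[0-9][0-9][0-9][0-9][0-9]` only matches an existing five-digit port, so a shorter `peer-port` value is silently left unchanged; `[0-9]*` would cover both. The steps are also not chained: if the `cp` fails, the rewrite still runs and overwrites the live settings file from a missing or stale `.bak`, so join the backup and the rewrite with `&&` or exit on the first failure. `$1` is now only echoed and never used, which is worth a comment or removal.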