T81

Reputation: 171

Bypassing VPN while using a kill switch - DD-WRT

I have set up OpenVPN on my R7800 router to connect to my VPN provider.

I want to bypass the tunnel for some sites. For the sake of the question, let it be www.whatsmyip.com.

I have two iptables rules acting as a kill switch for my VPN connection, added to the "Firewall" script:

# WAN interface as DD-WRT reports it (the "Firewall" script runs when the firewall starts)
WAN_IF=$(get_wanface)
# Kill switch: reject any new connection that would leave via the WAN instead of the tunnel
iptables -I FORWARD -o "$WAN_IF" -m state --state NEW -j REJECT --reject-with icmp-host-prohibited
iptables -I FORWARD -o "$WAN_IF" -p tcp -m state --state NEW -j REJECT --reject-with tcp-reset

It is actually a bit more complicated since I use Policy Based Routing (PBR), but that shouldn't matter. Reference

I have found that bypassing the tunnel for specific domain names is possible using the following commands:

allow-pull-fqdn
route www.whatsmyip.com 255.255.255.255 net_gateway

Reference

I have entered the above into the "OpenVPN Client --> Additional Config" field.

The above seems to work, since the kill switch kicks in, forbids the connection and the page does not load.

So, I need to add a firewall rule to allow this connection. The following rule is entered below the kill switch rules:

iptables -I OUTPUT -d whatsmyip.org -j ACCEPT

I came up with this after reading this.

Apparently, the rule I came up with is not right.

How can I properly modify the above rule in order to bypass the kill switch successfully?

Thank you in advance.

Upvotes: -1

Views: 1034

Answers (1)

T81

Reputation: 171

I am posting the answer here for clarity.

# Inserted after the kill-switch rules; since every rule uses -I, this one lands above them
iptables -I FORWARD -d whatsmyip.org -o "$(get_wanface)" -j ACCEPT

No need for allow-pull-fqdn; it is the default in OpenVPN 2.4.

Upvotes: 0
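The following is an added example, not the poster's script, that puts the accepted answer together with the kill switch into one DD-WRT "Firewall" fragment. It assumes a DD-WRT box where get_wanface prints the WAN interface and BusyBox nslookup is available; with DRY_RUN=1 (the default) neither is called and constructed sample addresses are used, so the script only prints the rules it would apply. The design choice it shows is resolving the bypass host once and pinning both the iptables ACCEPT rule and the OpenVPN route line to the same addresses: with "-d hostname", iptables resolves at rule-load time, and the result can drift from what OpenVPN resolved when the tunnel came up. It also uses FORWARD rather than OUTPUT, because traffic from LAN clients is forwarded by the router while OUTPUT only sees the router's own traffic, which is why the first attempt in the question never matched.

```shell
#!/bin/sh
# Added example: DD-WRT "Firewall" fragment with a VPN kill switch plus a
# per-host bypass. Assumptions: get_wanface and BusyBox nslookup exist on the
# router (DD-WRT); both are skipped when DRY_RUN=1.
DRY_RUN="${DRY_RUN:-1}"

# Resolve a hostname to its IPv4 addresses once, so the firewall rules and the
# OpenVPN "route ... net_gateway" lines are pinned to one address set.
resolve_v4() {
    if [ "$DRY_RUN" = 1 ]; then
        # constructed sample addresses (TEST-NET-3) for offline use
        printf '%s\n' 203.0.113.10 203.0.113.11
        return 0
    fi
    # Assumes BusyBox nslookup output; the first two lines name the DNS server.
    nslookup "$1" 2>/dev/null |
        awk 'NR > 2 && /^Address/ { for (i = 1; i <= NF; i++)
             if ($i ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) print $i }' | sort -u
}

# The kill switch from the question: reject every NEW connection that would
# leave via the WAN interface instead of the tunnel.
kill_switch_rules() {
    wan="$1"
    printf 'iptables -I FORWARD -o %s -m state --state NEW -j REJECT --reject-with icmp-host-prohibited\n' "$wan"
    printf 'iptables -I FORWARD -o %s -p tcp -m state --state NEW -j REJECT --reject-with tcp-reset\n' "$wan"
}

# One ACCEPT per resolved address, in FORWARD (LAN clients are forwarded;
# OUTPUT only matches the router's own traffic).
bypass_rules() {
    wan="$1"; host="$2"
    for ip in $(resolve_v4 "$host"); do
        printf 'iptables -I FORWARD -d %s -o %s -j ACCEPT\n' "$ip" "$wan"
    done
}

# Kill switch first, bypass last: every rule uses -I (insert at position 1),
# so the ACCEPT rules inserted last end up above the REJECT rules.
firewall_script() {
    kill_switch_rules "$1"
    bypass_rules "$1" "$2"
}

# Matching OpenVPN "Additional Config" lines, pinned to the same addresses.
openvpn_routes() {
    for ip in $(resolve_v4 "$1"); do
        printf 'route %s 255.255.255.255 net_gateway\n' "$ip"
    done
}

# Print the generated commands in dry-run mode; otherwise feed them to sh.
run_or_print() {
    if [ "$DRY_RUN" = 1 ]; then cat; else sh; fi
}

main() {
    if [ -n "$WAN_IF" ]; then wan="$WAN_IF"
    elif [ "$DRY_RUN" = 1 ]; then wan=eth0          # placeholder interface
    else wan="$(get_wanface)"
    fi
    firewall_script "$wan" "${1:-www.whatsmyip.com}" | run_or_print
}

main "$@"
```

If the two resolutions ever diverge anyway, the result fails closed: traffic that OpenVPN routes out the WAN but that no ACCEPT rule covers is still rejected by the kill switch, and traffic that is accepted but not routed out the WAN simply stays in the tunnel. The same holds if DNS is not yet reachable when the firewall script runs at boot: the ACCEPT rule is not inserted and the bypass host is unreachable until the rule is reloaded, rather than leaking.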
