Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
docs:guide-user:network:routing:examples:pbr_app [2023/09/07 01:44] – update vgaeteradocs:guide-user:network:routing:examples:pbr_app [2023/09/07 22:17] (current) – move to docs:guide-user:network:routing:pbr_app vgaetera
Line 1: Line 1:
-====== Routing example: PBR app ====== 
-A typical configuration scenario that can be adapted for most common use cases: 
-  * [[https://docs.openwrt.melmac.net/pbr/#a-word-about-default-routing|Disable gateway redirection]] in the VPN client configuration. 
-  * Route LAN ''192.168.1.0/24'' to WAN by default and DMZ ''192.168.3.0/24'' to VPN. 
-  * Configure WAN port forwarding for a webserver running on ''192.168.3.2''. 
- 
-<code bash> 
-# Install packages 
-opkg update 
-opkg install pbr luci-app-pbr 
-/etc/init.d/rpcd restart 
- 
-# Enable PBR 
-uci set pbr.config.enabled="1" 
-uci set pbr.config.resolver_ipset="none" 
-uci set pbr.config.webui_show_ignore_target="1" 
-uci commit pbr 
-/etc/init.d/pbr restart 
- 
-# Route connections between local networks 
-uci add pbr policy 
-uci set pbr.@policy[-1].dest_addr="192.168.1.0/24 192.168.3.0/24" 
-uci set pbr.@policy[-1].interface="ignore" 
-uci commit pbr 
-/etc/init.d/pbr restart 
- 
-# Configure WAN port forwarding 
-uci add pbr policy 
-uci set pbr.@policy[-1].src_addr="192.168.3.2" 
-uci set pbr.@policy[-1].src_port="443" 
-uci set pbr.@policy[-1].proto="tcp" 
-uci set pbr.@policy[-1].interface="wan" 
-uci commit pbr 
-/etc/init.d/pbr restart 
- 
-# Route DMZ to VPN 
-uci add pbr policy 
-uci set pbr.@policy[-1].src_addr="192.168.3.0/24" 
-uci set pbr.@policy[-1].interface="vpn" 
-uci commit pbr 
-/etc/init.d/pbr restart 
-</code> 
  
  • Last modified: 2023/09/07 01:44
  • by vgaetera