PBR app
Introduction
PBR app provides an advanced policy-based routing solution.
Command-line instructions
Install and enable PBR app.
# Install packages opkg update opkg install pbr # Enable PBR uci set pbr.config.enabled="1" uci commit pbr service pbr restart
Extras
Web interface
If you want to manage PBR settings using web interface. Install the necessary packages.
# Install packages opkg update opkg install luci-app-pbr service rpcd restart
Support OpenVPN
Support unmanaged protocols like OpenVPN.
# Support OpenVPN uci add_list pbr.config.supported_interface="tun*" uci commit pbr service pbr restart
Support Tailscale
Create rules with a lower numeric priority value when using Tailscale.
# Support Tailscale uci add_list pbr.config.supported_interface="tailscale*" uci set pbr.config.wan_ip_rules_priority="1" uci commit pbr service pbr restart
Route LAN to VPN
Disable gateway redirection in the VPN client configuration.
Route LAN 192.168.1.0/24
to VPN.
# Route LAN to VPN uci add pbr policy uci set pbr.@policy[-1].src_addr="192.168.1.0/24" uci set pbr.@policy[-1].interface="vpn" uci commit pbr service pbr restart
Forward WAN port
Forward WAN port to a webserver running on 192.168.1.2
.
Arrange this policy above more generic ones.
# Forward WAN port uci add pbr policy uci set pbr.@policy[-1].src_addr="192.168.1.2" uci set pbr.@policy[-1].src_port="443" uci set pbr.@policy[-1].proto="tcp" uci set pbr.@policy[-1].interface="wan" uci reorder pbr.@policy[-1]="1" uci commit pbr service pbr restart
Prioritize local subnets
Prioritize routing between local subnets 192.168.1.0/24
and 192.168.3.0/24
.
Arrange this policy above all others.
# Prioritize local subnets uci set pbr.config.webui_show_ignore_target="1" uci add pbr policy uci set pbr.@policy[-1].dest_addr="192.168.1.0/24 192.168.3.0/24" uci set pbr.@policy[-1].interface="ignore" uci reorder pbr.@policy[-1]="1" uci commit pbr service pbr restart