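# PBR with netifd
#
# This article relies on the following:
#   - Accessing web interface / command-line interface
#   - Managing configs / packages / services / logs
#
# Introduction
#   These instructions configure PBR with netifd on OpenWrt.
#   Follow the automated section for quick setup.
#
# Features
#   - Utilize multiple upstream interfaces with their own gateways.
#   - Route different subnets/clients to a different gateway.
#   - Prioritize routing for local subnets and tunnel endpoints.
#
# Implementation
#   Automatically set up PBR with netifd:
#   - Set up named routing tables for each interface.
#   - Assign each interface to its own routing table.
#   - Create default routes for unmanaged interfaces.
#   - Create default routing rules after subnets/endpoints.
#   - Create custom routing rules before the default ones.
#
# Commands
#   Sub-command  Description
#   reset        Reset policy-based routing.
#   setup        Set up policy-based routing.
#   unset        Unset policy-based routing.
#
# Instructions
#   The block below writes /etc/profile.d/pbr.sh and sources it, which
#   defines the pbr shell function and its helpers in the current shell.
#   The outer here-document delimiter is quoted, so nothing between
#   `cat` and the closing EOF is expanded while the file is written.

# Configure profile
mkdir -p /etc/profile.d
cat << "EOF" > /etc/profile.d/pbr.sh
# pbr SUBCOMMAND - entry point.
#   reset        run "pbr unset" followed by "pbr setup".
#   setup|unset  walk every "interface" section of the network config,
#                apply the matching pbr_*_setup / pbr_*_unset helpers,
#                commit the network config and restart the network.
#   other        passed through to an external "pbr" command, if any.
# setup/unset rewrite /etc/config/network and /etc/iproute2/rt_tables and
# restart networking, which can interrupt traffic through the router,
# including a remote shell session used to run the command.
pbr() {
  # PBR_CMD is local here but is read by pbr_iface_proc, which is called
  # (via config_foreach) while this function is still on the stack.
  local PBR_CMD="${1}"
  case "${PBR_CMD}" in
  (reset)
    pbr unset
    pbr setup ;;
  (setup|unset)
    . /lib/functions.sh
    . /lib/functions/network.sh
    config_load network
    config_foreach pbr_iface_proc interface
    pbr_rule_"${PBR_CMD}"
    uci commit network
    /etc/init.d/network restart ;;
  (*) command pbr "${@}" ;;
  esac
}

# pbr_iface_proc SECTION - config_foreach callback for one interface.
# Skips loopback and the listed tunnel/relay protocols, adds (or removes)
# default routes for proto "none" interfaces, then assigns (or removes)
# the per-interface routing table.
# NET_CONF is a UCI section name; the helpers paste it unescaped into uci
# commands and into grep/sed regular expressions, so this relies on
# section names holding no quotes or regex metacharacters (UCI names are
# normally limited to letters, digits and "_").
pbr_iface_proc() {
  local NET_CONF="${1}"
  local NET_PROTO
  config_get NET_PROTO "${NET_CONF}" proto
  case "${NET_CONF}" in
  (loopback) return 0 ;;
  esac
  case "${NET_PROTO}" in
  (gre*|vti*|vxlan|xfrm|relay) return 0 ;;
  (none) pbr_route_"${PBR_CMD}" ;;
  esac
  pbr_table_"${PBR_CMD}"
}

# Create IPv4 and IPv6 default routes bound to interface NET_CONF.
# "uci -q" suppresses error output, so a failed batch is silent.
pbr_route_setup() {
  uci -q batch << EOI
set network.'${NET_CONF}'_rt='route'
set network.'${NET_CONF}'_rt.interface='${NET_CONF}'
set network.'${NET_CONF}'_rt.target='0.0.0.0/0'
set network.'${NET_CONF}'_rt6='route6'
set network.'${NET_CONF}'_rt6.interface='${NET_CONF}'
set network.'${NET_CONF}'_rt6.target='::/0'
EOI
}

# Remove the default routes created by pbr_route_setup.
pbr_route_unset() {
  uci -q batch << EOI
delete network.'${NET_CONF}'_rt
delete network.'${NET_CONF}'_rt6
EOI
}

# Point interface NET_CONF at a routing table named after it and make
# sure that name exists in /etc/iproute2/rt_tables.
# "${NET_CONF%6}" strips one trailing "6", so "wan6" and "wan" share the
# table "wan". NOTE(review): any other interface whose name ends in "6"
# is shortened the same way and can end up sharing a table with a
# differently named interface - check interface names before setup.
pbr_table_setup() {
  local NET_RT_ID
  uci -q batch << EOI
set network.'${NET_CONF}'.ip4table='${NET_CONF%6}'
set network.'${NET_CONF}'.ip6table='${NET_CONF%6}'
EOI
  if ! grep -q -E -e "^[0-9]+\s+${NET_CONF%6}$" /etc/iproute2/rt_tables
  then
    # New table id = highest leading number found in rt_tables, plus one.
    NET_RT_ID="$(($(sort -r -n /etc/iproute2/rt_tables \
      | grep -o -E -m 1 "^[0-9]+")+1))"
    sed -i -e "\$a ${NET_RT_ID}\t${NET_CONF%6}" /etc/iproute2/rt_tables
  fi
}

# Undo pbr_table_setup: drop the table options and the rt_tables entry.
pbr_table_unset() {
  uci -q batch << EOI
delete network.'${NET_CONF}'.ip4table
delete network.'${NET_CONF}'.ip6table
EOI
  sed -i -r -e "/^[0-9]+\s+${NET_CONF%6}$/d" /etc/iproute2/rt_tables
}

# Create the default IPv4/IPv6 routing rules (priority 80000) that look
# up the table of the interface reported by network_find_wan and
# network_find_wan6 (helpers from /lib/functions/network.sh).
# Each rule is written only when its lookup target is non-empty, so a
# router without an IPv4 or IPv6 upstream does not get a rule whose
# lookup option is an empty string.
pbr_rule_setup() {
  local NET_CONF
  local NET_CONF6
  network_flush_cache
  network_find_wan NET_CONF
  network_find_wan6 NET_CONF6
  if [ -n "${NET_CONF}" ]
  then
    uci -q batch << EOI
set network.default='rule'
set network.default.lookup='${NET_CONF%6}'
set network.default.priority='80000'
EOI
  else
    echo "pbr: no IPv4 upstream found, default rule not set" >&2
  fi
  if [ -n "${NET_CONF6}" ]
  then
    uci -q batch << EOI
set network.default6='rule6'
set network.default6.lookup='${NET_CONF6%6}'
set network.default6.priority='80000'
EOI
  else
    echo "pbr: no IPv6 upstream found, default rule not set" >&2
  fi
}

# Remove the default routing rules created by pbr_rule_setup.
pbr_rule_unset() {
  uci -q batch << EOI
delete network.default
delete network.default6
EOI
}
EOF
. /etc/profile.d/pbr.sh

# Examples
#   # Set up PBR
#   pbr setup
#
# Automated
#   uclient-fetch -O pbr.sh "https://openwrt.org/_export/code/docs/guide-user/network/routing/pbr_netifd?codeblock=0"
#   . ./pbr.sh
#
#   The export URL serves whatever the wiki page holds at download time,
#   and ". ./pbr.sh" runs it in the current shell. Read the downloaded
#   pbr.sh (or compare it with the listing above) before sourcing it.
#
# Last modified: 2023/01/16 23:24 by vgaetera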