This works perfectly as far as selectively routing IPs.
ip rule add from 192.168.8.135/32 table 200
ip rule add to 69.196.175.157 table 200
ip route add default via 192.168.217.1 dev eth0.2 table 200
ip route flush cache
This is loaded at the end of the startup script located at the bottom of the page at Advanced Settings, System, Startup. It is loaded just above the “exit 0” statement.
This script assumes the VPN tunnel to be the default, so it specifies which IPs are routed directly to the local ISP. It can be modified to cover any individual IP or range of IPs.
192.168.8.135/32 is the IP address assigned to my PC by the GL-MT300N-V2 so I made it static for this exercise. Static IP addressing is a necessity to keep this working over time.
The second line is a route to my ISP’s email server. My VPN provider (PIA) blocks port 25 and my ISP doesn’t use ports 465 or 587 on their SMTP server so my only other option is to turn off PIA to send email. I intend to modify this asap with a more selective routing command that will only pass port 25. I haven’t got that working yet, but this at least allows me to communicate with the SMTP server while I am working on the script.
I tested line one by manually switching my PC’s private IP address while verifying my public IP directly from Private Internet Access:
I tested the second line by sending test emails from another PC connected to the wireless LAN of the GL-MT300N-V2.
You can modify and repeat the first and second lines as many times as you want in order to cover all the IPs you need.
eth0.2 is the WAN port on the GL-MT300N-V2
192.168.217.1 is the LAN IP address of the router that is directly connected to the WAN port of the GL-MT300N-V2.
After these scripts were added, I did a leak test at:
https://www.privateinternetaccess.com/forum/discussion/2114/ipv6-leak-dns-leak-e-mail-ip-leak
There was one detected leak that was unrelated to this script. I had to disable IPv6 settings at Advanced Settings, Network, Interfaces, WAN6. I disabled “Request IPv6-address” and “Request IPv6-prefix of length”. That eliminated the detected IPv6 DNS leak.
I will update this when I get the selective port routing completed.
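One way to narrow the mail-server bypass to TCP port 25 only, so that no other traffic to that host leaves the tunnel. This is an added example, not the poster's script. It assumes the firmware's firewall is iptables-based and that the mark value 0x19 is not already in use; the addresses, interface and table number are the ones from the post.

```shell
#!/bin/sh
# Port-scoped VPN bypass: only tcp/25 to the SMTP server uses the WAN.
# Dry-run by default (prints the commands); set APPLY=1 as root to execute.
WAN_DEV="eth0.2"            # WAN port, from the post
WAN_GW="192.168.217.1"      # upstream router, from the post
SMTP_IP="69.196.175.157"    # ISP mail server, from the post
TABLE="200"                 # routing table, from the post
MARK="0x19"                 # assumption: any fwmark the firmware does not use

# Print the command, or run it when APPLY=1.
emit() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

smtp_bypass() {
    # Tag forwarded LAN packets going to the mail server on tcp/25.
    # Traffic generated by the router itself would need the OUTPUT chain.
    emit iptables -t mangle -A PREROUTING -d "$SMTP_IP" -p tcp --dport 25 \
        -j MARK --set-mark "$MARK"
    # Only tagged packets consult table 200. This takes the place of
    # "ip rule add to 69.196.175.157 table 200", which sends every port.
    emit ip rule add fwmark "$MARK" table "$TABLE"
    # Table 200 points at the upstream router instead of the tunnel.
    emit ip route add default via "$WAN_GW" dev "$WAN_DEV" table "$TABLE"
    emit ip route flush cache
}

# Read-only checks to confirm what is bypassing the tunnel.
smtp_bypass_checks() {
    emit ip rule show                         # fwmark rule present, no stray "to" rule
    emit ip route show table "$TABLE"         # default via the WAN gateway
    emit iptables -t mangle -L PREROUTING -v -n   # counters rise only on mail sends
}

smtp_bypass
smtp_bypass_checks
```

After applying, the packet counter on the mangle rule should increase only when mail is sent; a counter that stays at zero means the traffic is still going through the tunnel.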