Iptables or network setup help Flint 2

Technical Support for Routers
1

I have a question for you guys because i am not that good at iptables. I want to have this concept on my network :

  1. all client to use wg vpn just some devices to be excluded because are work devices and is better to use them with real ISP IP.
  2. i want to use the Killswitch but if i active it now will kill the internet for the devices who are not using VPN(work ones)

is not possible to exclude this work devices out of this rules?

2

is this not possible with vpn policies?

Screenshot_2024-08-25-08-38-58-888_com.brave.browser-edit
Screenshot_2024-08-25-08-38-58-888_com.brave.browser-edit1220×1925 170 KB

Screenshot_2024-08-25-08-39-38-099_com.brave.browser-edit
Screenshot_2024-08-25-08-39-38-099_com.brave.browser-edit1220×2712 243 KB

Screenshot_2024-08-25-08-40-16-759_com.brave.browser-edit
Screenshot_2024-08-25-08-40-16-759_com.brave.browser-edit1220×2712 154 KB

Screenshot_2024-08-25-08-40-55-377_com.brave.browser
Screenshot_2024-08-25-08-40-55-377_com.brave.browser1220×2712 152 KB

Else if you need something very custom you can edit this piece of code, which is in /usr/bin/route_policy or you may can also make it much easier by typing ip rule and check the fw marks, then apply fw marks of wan and test?

1 Like
3

Yup, the VPN policies are the answer to this.
VPN Killswitch is always active - no need to set the additional one.

4

Thanks for info. i will try this way. will take a look on the rules

1 Like