-
GL.iNet Interface Scripts: Considering the numerous scripts on the GL.iNet interface, I’ve chosen policy routing via a personalized hotplug script. This script effectively handles custom domains or CIDR blocks to be exempted from the VPN, directly routing their IPs through the primary interface.
-
Routing Table Option: Alternatively, you can establish a routing table to circumvent the VPN. By adding “ip rule add” for specific devices on your network, you can control which devices use the VPN and which ones don’t.
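To use this script, make sure the bind-tools plug-in is installed, because the script uses dig to resolve hostnames. Hostnames are resolved only when the VPN interface comes up, so the exemption covers the addresses DNS returned at that moment; it does not follow later DNS changes.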
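#!/bin/sh
# Policy-routing hotplug script for a VPN bypass list.
#
# When the WireGuard client interface comes up, adds routes that send the
# listed hosts and CIDR blocks out of the primary interface instead of the
# VPN. When the WireGuard client interface goes down, removes them again.
#
# Environment: INTERFACE and ACTION, as provided by the hotplug caller.
# Requires:    dig (bind-tools), ip, grep, awk.
#
# Security notes:
#   - Everything listed here leaves the device OUTSIDE the tunnel. Keep the
#     lists as small as possible.
#   - Host names are resolved with an ordinary dig query, so the set of
#     exempted addresses is only as trustworthy as the DNS answer. Prefer
#     fixed CIDR blocks where the address range is known.
#   - Resolution happens once per ifup. Addresses shared by several sites
#     (CDNs) exempt all of those sites, and a name that later resolves
#     elsewhere is no longer covered.

# React only to events for the VPN client interface.
if [ "$INTERFACE" != "wgclient" ]; then
  exit 0
fi

# Host names whose IPv4 addresses bypass the VPN (whitespace separated).
# Replace the placeholder words below with real host names.
HOSTS="
Enter
Domain
Here
"

# CIDR blocks that bypass the VPN (whitespace separated).
# Replace the placeholder words below with real prefixes, e.g. a.b.c.d/nn.
CUSTOM_CIDR_BLOCKS="
Enter
Custom
CIDR
Here
"

# Primary (non-VPN) interface the exempted traffic is routed through.
# Change to your actual interface name.
BRIDGE_INTERFACE="rmnet_mhi0"

# DNS server used for resolution (Cloudflare's public DNS).
DNS_SERVER="1.1.1.1"

# Succeeds when $1 contains only host-name characters and cannot be mistaken
# for a dig option (no leading '-', no '+' or '@' anywhere).
vpn_bypass_valid_host() {
  case "$1" in
    '' | -* | *[!A-Za-z0-9._-]*) return 1 ;;
  esac
  return 0
}

# Succeeds when $1 contains only characters that can occur in an IP prefix.
# This keeps placeholder words and option-like strings away from `ip route`.
vpn_bypass_valid_prefix() {
  case "$1" in
    '' | *[!0-9A-Fa-f:./]*) return 1 ;;
  esac
  return 0
}

# Prints the IPv4 addresses dig returns for host $1, one per line.
# dig +short can also print CNAME targets and ";;" diagnostics; the filter
# drops every line that is not a dotted quad.
vpn_bypass_resolve_ipv4() {
  dig +short "@$DNS_SERVER" "$1" |
    grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'
}

# Succeeds when a route whose destination is exactly $1 exists on
# BRIDGE_INTERFACE. The destination column is compared as a whole string, so
# 1.2.3.4 does not match 11.2.3.40 (a plain grep would, because '.' is a regex
# wildcard and the match is unanchored). A trailing /32 is stripped because
# `ip route show` prints host routes without it.
vpn_bypass_route_exists() {
  ip route show dev "$BRIDGE_INTERFACE" |
    awk -v want="${1%/32}" '$1 == want { found = 1 } END { exit !found }'
}

case "$ACTION" in
  ifup)
    # Add routes for the resolved addresses of each host name.
    if [ -n "$HOSTS" ]; then
      for host in $HOSTS; do
        if ! vpn_bypass_valid_host "$host"; then
          echo "Ignoring invalid host name: $host" >&2
          continue
        fi
        for ip in $(vpn_bypass_resolve_ipv4 "$host"); do
          if vpn_bypass_route_exists "$ip"; then
            echo "Route for IP $ip already exists. Skipping."
          else
            ip route add "$ip" dev "$BRIDGE_INTERFACE"
          fi
        done
      done
    else
      echo "No hosts specified. Skipping."
    fi

    # Add routes for the custom CIDR blocks.
    if [ -n "$CUSTOM_CIDR_BLOCKS" ]; then
      for cidr_block in $CUSTOM_CIDR_BLOCKS; do
        if ! vpn_bypass_valid_prefix "$cidr_block"; then
          echo "Ignoring invalid CIDR block: $cidr_block" >&2
          continue
        fi
        if vpn_bypass_route_exists "$cidr_block"; then
          echo "Route for CIDR block $cidr_block already exists. Skipping."
        else
          ip route add "$cidr_block" dev "$BRIDGE_INTERFACE"
        fi
      done
    else
      echo "No custom CIDR blocks specified. Skipping."
    fi
    ;;
  ifdown)
    # The original wrapped this branch in
    #   [ "$INTERFACE" = "$BRIDGE_INTERFACE" ]
    # which can never be true here: the guard at the top has already exited
    # for every interface other than "wgclient". The cleanup therefore never
    # ran. It now runs whenever the VPN client interface goes down.
    #
    # NOTE(review): host names are resolved again at this point. If DNS now
    # returns different addresses than at ifup, routes added earlier stay in
    # place until the interface or the device restarts.

    # Delete routes for the resolved addresses of each host name.
    if [ -n "$HOSTS" ]; then
      for host in $HOSTS; do
        if ! vpn_bypass_valid_host "$host"; then
          continue
        fi
        for ip in $(vpn_bypass_resolve_ipv4 "$host"); do
          if vpn_bypass_route_exists "$ip"; then
            ip route del "$ip" dev "$BRIDGE_INTERFACE"
          fi
        done
      done
    else
      echo "No hosts specified. Skipping."
    fi

    # Delete routes for the custom CIDR blocks.
    if [ -n "$CUSTOM_CIDR_BLOCKS" ]; then
      for cidr_block in $CUSTOM_CIDR_BLOCKS; do
        if ! vpn_bypass_valid_prefix "$cidr_block"; then
          continue
        fi
        if vpn_bypass_route_exists "$cidr_block"; then
          ip route del "$cidr_block" dev "$BRIDGE_INTERFACE"
        fi
      done
    else
      echo "No custom CIDR blocks specified. Skipping."
    fi
    ;;
esac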