VPN from Iran - blocked access

Thank you for your input, and yes Hope all dictatorships and terrorist regimes will fall down so people can live freely in their own country. Ours is occupied by these islamist maniacs.
Anyway yes i have people outside to do that for me but id rather put no hassle or trouble on anyone for me.
Id be willing to pay and get my own server if its possible and set it up but the way you’re saying looks like GLinet firmware has some differences from “generic” openWRT. i was thinking the skin is different only, my bad.
I guess if its too much work i will be sticking with using VPN apps instead of setting it up on router. But too bad to let all these nice spec of the Flint 2 go to waste!
Thanks for your help anyway Eric

1 Like

I just checked the tutorial they provide, and I won’t try it on my device because it’s really deep into the system config. They remove dnsmasq (to install the full version) and do a switch between nftables and iptables. Unfortunately, GL is mostly based on iptables, so I would say this will cause issues here.

In my opinion, the only way to get this working without starting to cry is by converting the device into a plain OpenWrt one.

2 Likes

Fcvk me; that’s an issue to severely understate it.

@solidus1983 : Hey Rogers, do you have a build for the Flint v2, preferably without iptables, of vanilla OWRT 23.05? OP is going to need dnsmasq.nftset for Stangri’s full PBR which requires dnsmasq-full. It’s supposed to allow "Any policy can target either WAN or a VPN tunnel interface." I presume that’d also apply to ShadowSocks, STunnel, v2Ray, etc.

@GreenCat : Going with ‘vanilla’/stock OWRT starting to look as how I’d do this. GL has too many limitations in their custom firmware given the hostile territory you’re in. You need unrestricted access to full OWRT & their up to date package feeds. You don’t want to have traffic monitored if/when an ‘old’ protocol is outdated.

1 Like

Hello bridge. Thank you for the info.
I like Glinet skin ( firmware ) looks nice and pretty.
Do u think its worth flashing it with “vanilla/stock OWRT” ? If so i need to learn how to do it… Also are there any way to get back into GLinet firmware, in case things went south?
Thank you so much and everyone else for Trying to help. I appreciate this a looot.

Hello Again Admon. Just to confirm. The dnsmasq Full is already installed onto Flint 2

Yeah, if there’s anyone who needs vanilla OWRT, it’s you. You really do need full access to the OpenWrt ecosystem. GL builds an incredibly easy to use GUI but they also make some deep modifications to OpenWrt to make that happen. That’s a problem.

The fact that GL themselves are based in a hostile territory that is the CPC some VPN technologies aren’t going to be supported… for example, if you bought your Flint v2 in Asia from, say, Alibaba, you wouldn’t have any VPN options. I wish I was kidding.

Regarding GUIs: stock OpenWrt ships with a GUI known as LuCI. It’s already on your Flint v2 (GL GUI → System → Advanced Settings; same password as GL GUI, username root ). It really is more advanced… but you’ll still have problems from the GL customizations regardless (eg: iptables firewall/routing modifications).

Can you access Youtube without interference/restrictions in Iran? I’ll explain why I ask if you can.

2 Likes

thanks for ur answer.
No we dont have access to youtube, whats app, telegram, instagram, facebook, twitter… u name it; even google play! is filtered and we need VPN to access pretty much everything and every app and site!
sorry i dont know much about LuCi. I would also need some help to flash to Vanilla OPENWRT. if you or anyone here would be kind to guide me please.
Thanks
Edit: BTW i bought mine from Amazon US. and a family member brought it here for me. so explains why i have vpn option on mine still

Until we hear back from @solidus1983 if he has a stock build for the Flint v2 (GL-MT6000), I would prefer to not recommend flashing the ‘snapshot’ build that OpenWrt, the organisation, has for the GL-MT6000. Snapshots are really, really new attempts at building firmware for devices. To say they’re not even ‘beta’ quality is an understatement. They are developer attempts. You will have problems.

I’d prefer to hear what @solidus1983 has to say. He’s quite intimate with the inner working of the Slate Plus, Slate AX, Flint v1 if not the Flint v2.

Actually installing stock OpenWrt on a GL device is pretty easy; instructions are on the device page by OpenWrt. They refer to U-boot; U-boot usage is explained in the GL Documentation for Debricking.

What I would do is make a backup of your Flint v2’s current state as it stands before proceeding in any direction. Installing the OWRT snapshot requires some foundation skills but it’s not rocket science. If you can handle this HOW-TO, you’ll be far more able than most to flash vanilla/stock:

(The thing about all this is that you would have this exact same trouble if you got the ExpressVPN version so don’t feel bad; the Flint v2 will serve you better in the long run. You just jumped into ‘the deep end’ a little too early. It’s still better than being late. :wink: )

1 Like

Snapshots are ok to me, using them for my builds which is what my main network runs 100% of the time.

Doesn’t PBR-Iptables work? As my builds still use FW3, if the nftable version is required you are going to need to use openwrt’s builds and use the firmware selector tool to include what you need.

2 Likes

Tbh, I don’t know. The tutorial installs v2ray which requires some modules to be installed as well. Since I don’t know the modules, I am not aware if they are fully compatible with the GL firmware. Maybe it’s just easy, and you can follow it without taking additional care?

```
# Check your firewall implementation
# Install the following packages for the nftables-based firewall4 (command -v fw4)
# Generally speaking, install them on OpenWrt 22.03 and later
opkg install kmod-nft-tproxy
# Install the following packages for the iptables-based firewall3 (command -v fw3)
# Generally speaking, install them on OpenWrt 21.02 and earlier
opkg install iptables-mod-conntrack-extra \
  iptables-mod-extra \
  iptables-mod-filter \
  iptables-mod-tproxy \
  kmod-ipt-nat6
```

1 Like
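
The firewall check that the tutorial excerpt above describes, written out as an added example (not part of the original post or the tutorial): it picks the package set for whichever of fw4/fw3 is present and lists what is still missing, including the dnsmasq-full prerequisite for PBR mentioned earlier in the thread. The function names and the `SAMPLE` package list (with its version numbers) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the tutorial): pick the tproxy package set for the
# firewall backend that is actually present, then list what is still missing.

# Print "fw4", "fw3" or "none" depending on which firewall binary exists.
detect_fw() {
    if command -v fw4 >/dev/null 2>&1; then echo fw4
    elif command -v fw3 >/dev/null 2>&1; then echo fw3
    else echo none
    fi
}

# Package lists copied from the tutorial excerpt, keyed by backend.
pkgs_for() {
    case "$1" in
        fw4) echo "kmod-nft-tproxy" ;;
        fw3) echo "iptables-mod-conntrack-extra iptables-mod-extra iptables-mod-filter iptables-mod-tproxy kmod-ipt-nat6" ;;
        *)   return 1 ;;
    esac
}

# missing_pkgs <output of `opkg list-installed`> <pkg>...
# Prints the packages that do not appear as an exact name in the list.
missing_pkgs() {
    installed=$1; shift
    out=""
    for p in "$@"; do
        printf '%s\n' "$installed" | grep -q "^$p - " || out="$out $p"
    done
    echo "${out# }"
}

# report <backend> <installed-list>: packages still to install for that backend.
report() {
    want=$(pkgs_for "$1") || { echo "no fw3/fw4 found"; return 1; }
    # dnsmasq-full is the PBR prerequisite mentioned earlier in the thread.
    missing_pkgs "$2" dnsmasq-full $want
}

# Constructed sample of `opkg list-installed` from an iptables-based image.
SAMPLE='dnsmasq-full - 2.89-4
firewall - 2022-02-17
iptables-mod-extra - 1.8.7-7
iptables-mod-tproxy - 1.8.7-7'

# On a real router, use the live values; elsewhere nothing runs.
if command -v opkg >/dev/null 2>&1; then
    report "$(detect_fw)" "$(opkg list-installed)"
fi
```

Run on the router over SSH, it prints only the packages that still need `opkg install`; an empty line means the set for the detected backend is already complete.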

Thanks for responding; if you’re OK w/ snapshots, then.

I seem to recall PBR’s docs state nft is highly recommended if not a dependency for it. Given the Iranian regime situation I’m tending to lean on it if it will help ensure no leaks. On second thought it may not even be necessary if all traffic is to route over v2RayA anyways. OP can speak to that, of course.

@GreenCat

Oh, look! It looks like U-boot isn’t even needed to flash stock OWRT for the Flint v2. They have a LuCI compatible Sysupgrade image:

https://firmware-selector.openwrt.org/?version=SNAPSHOT&target=mediatek%2Ffilogic&id=glinet_gl-mt6000

LuCI → System → Backup / Flash Firmware → Flash new firmware image → [ Flash image … ]

Wait 5 minutes or so for it to complete the process. The router’s default IP will become 192.168.1.1 instead of GL’s 192.168.8.1. Disconnect & reconnect your computer so it gets an updated LAN IP. You’ll then have to log into the Flint v2 via SSH & execute

```
opkg update; opkg install \
luci \
luci-ssl \
uhttpd \
liblua \
libubus \
libubus-lua \
libuci-lua \
lua \
luci-base \
luci-lib-ip \
luci-lib-jsonc \
luci-lib-nixio \
luci-mod-admin-full \
luci-theme-bootstrap \
rpcd \
luci-app-firewall \
luci-app-opkg \
luci-proto-ipv6 \
luci-proto-ppp \
&& /etc/init.d/uhttpd enable; /etc/init.d/uhttpd start
```

🢁 Paste that as one full line. That should install the LuCI GUI on your new, stock OWRT 23.05, at https://192.168.1.1 . root is still the default login.

1 Like

Fcvk iptables. nft is mainline Upstream; eventually we’re all going to have to deal with it anyways. Might as well start cutting our teeth on it sooner than later.

3 Likes

There’s also iptables wrappers around like iptables-zz-legacy which interprets iptables to nftables.

i believe pbr-iptables is not a wrapper since it links iptables in its dependency.

But yea i find this rather confusing, i never liked the change from upstream Linux iptables to nftables :yum:, OpenWrt seems to heavily rely on some wrapper hack… i see this with docker too!

Though i believe the oem firmware still use iptables or a wrapper, the question more is if it supports all those modules idd :+1:

2 Likes

inb4 blowback/shyte hits the fan when it doesn’t.

2 Likes

Thank you again for your time and effort… also everyone else…
So i go into that link and download the last file… ( in pic )

then will need to SSH right?
I use ubuntu btw. Can i use putty for ssh? sorry if its noob question. If im using Linux as my main OS doesnt mean im so good at command lines. it just means i pretend to be good :stuck_out_tongue:

Then After SSH. i need to do what again? im somewhat confused.
Thanks again for your time. i really appreciate this and I hope this thread can help others too who will be searching for it. in the future.

Great Community we have here. Many helpful and informative and friendly people with a lot of knowledge! Glad i picked GLinet

Yes, you can. If you open a terminal in ubuntu, you can also use the command “ssh root@192.168.1.1”

Do the command bring.fringe18 said. That one starting with “opkg update;”. That installs the luci web-interface onto stock OpenWRT.

Once that is done, you can manage many basic things using https://192.168.1.1/ (like Wifi-networks under Network → Wireless). Once you’re at that point I believe someone will probably try to see if he can help out with v2ray I guess.

2 Likes

Thank you i will try it tonight and will put screenshot here or if there’s any issue.
i appreciate yall helpz

You can copy & paste output from the Terminal/command line interface (CLI) instead of screenshots.

Before posting, use three backticks (```) as a new line before and after the pasted output to format it properly… like what I did for that opkg update; opkg install [...] code block.

```
like
this
```

This forum supports the Markdown formatting language. You may find other forums using the same.

1 Like

Not sure i understood what did you mean here by " …"
I’m going to flash it now anywho…
Thanks again a universe

You don’t always need to post screenshots. Text output from the CLI can be posted

```
like
this
```

like
this

(The […] just means there’s more to that line but I truncated it because it wasn’t relevant. There’s no sense reposting it all.)

1 Like