
OpenWRT Custom Rules for TTL when not VPN Connected

Posted: Wed Apr 05, 2023 8:27 pm
by character82
Hey guys,

Trying to figure something out.

My understanding (please correct me if I'm wrong) is that I don't have to worry about TTL settings if all my data is going through a VPN.

If this is true, then I shouldn't need TTL rules in my setup.... but...

What about when my VPN is not connected?

How do I apply TTL / Custom Firewall rules in OpenWRT that only apply if I'm not connecting via VPN?

Here are the TTL / HL settings I'm using in my 3x modem setup.

TTL / HL Custom Rules:

# MODEM 0 (AT&T Tablet Plan):
INTERFACE1=wwan0
TTL1=

# MODEM 1 (T-Mobile 5G Home Internet Plan):
INTERFACE2=wwan1
TTL2=

# MODEM 2 (Verizon 5G Phone Plan):
INTERFACE3=wwan2
TTL3=65

#startTTL for ipv4
# Set the TTL on packets leaving (POSTROUTING) and arriving (PREROUTING) on each modem interface
iptables -t mangle -I POSTROUTING -o "$INTERFACE1" -j TTL --ttl-set "$TTL1"
iptables -t mangle -I PREROUTING -i "$INTERFACE1" -j TTL --ttl-set "$TTL1"
iptables -t mangle -I POSTROUTING -o "$INTERFACE2" -j TTL --ttl-set "$TTL2"
iptables -t mangle -I PREROUTING -i "$INTERFACE2" -j TTL --ttl-set "$TTL2"
iptables -t mangle -I POSTROUTING -o "$INTERFACE3" -j TTL --ttl-set "$TTL3"
iptables -t mangle -I PREROUTING -i "$INTERFACE3" -j TTL --ttl-set "$TTL3"

#endTTL

#startTTL ipv6
# Same for the IPv6 hop limit, leaving ICMPv6 untouched
ip6tables -t mangle -I POSTROUTING ! -p icmpv6 -o "$INTERFACE1" -j HL --hl-set "$TTL1"
ip6tables -t mangle -I PREROUTING ! -p icmpv6 -i "$INTERFACE1" -j HL --hl-set "$TTL1"
ip6tables -t mangle -I POSTROUTING ! -p icmpv6 -o "$INTERFACE2" -j HL --hl-set "$TTL2"
ip6tables -t mangle -I PREROUTING ! -p icmpv6 -i "$INTERFACE2" -j HL --hl-set "$TTL2"
ip6tables -t mangle -I POSTROUTING ! -p icmpv6 -o "$INTERFACE3" -j HL --hl-set "$TTL3"
ip6tables -t mangle -I PREROUTING ! -p icmpv6 -i "$INTERFACE3" -j HL --hl-set "$TTL3"
#endTTL