I have been trying to simplify my babel setup. I have 8 /27s out of a single /24 that I would like not to have to expose to the universe.
I have 172.21.2.0/27, 172.21.2.64/27 etc on each of the 8 devices I have. But there is no need to export each /27, as these are out of a single /24. The way to do that is to setup /etc/babel.conf to only let /24s out... redistribute ip 0.0.0.0/0 le 24 allow redistribute local deny (this can also easily be expressed in the /etc/config/babeld file) And at the moment, I add this to /etc/firewall.user to add the covering route locally. ip route add unreachable 172.21.2.0/24 proto static Boom, I go from exporting 16 routes to 1. Where I'm stuck is on how to express the above line inside of uci and luci. Luci demands both a specific interface name and a numeric destination, if you are trying this via the route method. If you try the otherwise promising uci newfangled "rule" method by adding something like this to /etc/config/network config rule option dest '172.21.2.0/24' option action 'unreachable' You end up bricking the router's network setup. http://wiki.openwrt.org/doc/uci/network#routing.actions _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel