On 04-12-20, Philip Prindeville wrote: > But I’m trying: > > config rule > option src '192.168.3.6' > option lookup 200 > > Per the cheatsheet and it’s resulting in: > > root@OpenWrt2:~# ip rule ls > 0: from all lookup local > 1: from all lookup 200 > 32766: from all lookup main > 32767: from all lookup default > > i.e. the ’src’ is being ignored.
Several years ago (probably with LEDE 17.01) I was using this configuration and it worked: config rule option in 'lan' option src '172.23.184.111/32' option lookup '666' Try with the /32. If it still doesn't work, then it's a regression. > Also trying: > > config route > option target '151.101.0.0/16' > option interface ‘xfrm0' > option gateway '192.168.1.252' > option table 200 > option proto ‘static' > > But that works great. > > > > On Dec 4, 2020, at 1:00 PM, Jo-Philipp Wich <j...@mein.io> wrote: > > > > Hi Philip, > > > > ip rules are possible in uci, but not sure if all the bits you require are > > covered: > > > > https://openwrt.org/docs/guide-user/network/ucicheatsheet#ip_rules_for_both_rule_and_rule6 > > > > `config route` sections allow specifying `option table` as well to stage the > > routes in the non-main rttable. > > > > Since the device options for uci rules and routes require logical networks > > and > > not Linux network device names, you might need to declare a dummy interface > > for xfrm0, like this: > > > > config interface vpn > > option proto static > > option ifname xfrm0 > > > > It might be that netifd will clear out any IP addresses on the xfrm0 > > interface, so you would need to encode those in uci as well: > > > > config interface vpn > > option proto static > > option ifname xfrm0 > > option ipaddr 192.168.1.0/24 > > option table 200 # will instruct netifd to put any related routes into > > table 200 > > > > > > Netifd understands aliases set up in /etc/iproute2/rt_tables but there is no > > uci way to declare new symbolic aliases. So either you need to manage that > > file externally or you stick to numeric table IDs. > > > > ~ Jo > > > > _______________________________________________ > > openwrt-devel mailing list > > openwrt-devel@lists.openwrt.org > > https://lists.openwrt.org/mailman/listinfo/openwrt-devel > > > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel
signature.asc
Description: PGP signature
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel