DD-WRT, OpenVPN, Policy Based Routing, Excluding IPs/Netflix

These are just notes to use policy based routing when I decide to do so.

Hopefully, sometime in the future, I will set up rules to:

  • send all traffic through the VPN except for a couple of IPs
  • send all traffic through the VPN except for certain destinations, like maybe Netflix

related links to lookup

just random notes from looking at different posts:

  • OpenVPN adds rules and a new routing table, ‘table 10’
  • SSH to the router; /tmp/openvpncl has all the files
    • policy_ips has the IPs we list in the UI
    • route_up.sh is the script that sets up route table 10 and the routes for the IPs
  • essentially, routes and/or firewall rules will have to be set up
  • routing
    • From the Linux networking help pages (http://linux-ip.net/html/routing-tables.html) I found that there can be routing tables other than main, and that the tables are listed under /etc/iproute2/rt_tables. This file is not present in DD-WRT. I couldn’t find a command that will list the different routing tables or where they are specified in DD-WRT.
    • “ip route” or “ip route show” lists all the routes from the main routing table
    • finally, while looking at the help, I realized that “ip route show table all” will list the routes from all the tables; this is how I was able to see table 10 added by OpenVPN
    • “ip rule list” will show the different rules
    • you can also use “netstat -rn” to look at the rules (this will show the tun1 interface) and iptables to look at the firewall rules; “iptables -L” will list all the firewall rules
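
One way to audit the setup described in these notes, written as an added example (not part of the original notes and not DD-WRT's own script): it summarizes “ip route show table all” and “ip rule list” output to show which tables exist, which source IPs are sent to a table, and which interface that table's default route uses. The sample outputs, addresses, the vlan2 interface and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ip route show table all` output (not from a real router).
SAMPLE_ROUTES='default via 10.8.0.1 dev tun1 table 10
192.168.1.0/24 dev br0 table 10 scope link
default via 203.0.113.1 dev vlan2
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1'

# Constructed sample of `ip rule list` output.
SAMPLE_RULES='0: from all lookup local
32765: from 192.168.1.50 lookup 10
32766: from all lookup main
32767: from all lookup default'

# list_tables: stdin = `ip route show table all`; prints "<table> <route count>".
# Routes printed without a "table" keyword belong to the main table.
list_tables() {
    awk '{
        t = "main"
        for (i = 1; i < NF; i++) if ($i == "table") t = $(i + 1)
        n[t]++
    }
    END { for (t in n) print t, n[t] }' | sort
}

# sources_for_table TABLE: stdin = `ip rule list`; prints the "from" selector
# of every rule that looks up TABLE (the clients policy-routed into it).
sources_for_table() {
    awk -v tbl="$1" '{
        src = ""; hit = 0
        for (i = 1; i < NF; i++) {
            if ($i == "from") src = $(i + 1)
            if ($i == "lookup" && $(i + 1) == tbl) hit = 1
        }
        if (hit) print src
    }'
}

# default_dev TABLE: stdin = `ip route show table all`; prints the interface
# of TABLE's default route (expect the tunnel interface for the VPN table).
default_dev() {
    awk -v tbl="$1" '$1 == "default" {
        t = "main"; dev = ""
        for (i = 1; i < NF; i++) {
            if ($i == "table") t = $(i + 1)
            if ($i == "dev") dev = $(i + 1)
        }
        if (t == tbl) print dev
    }'
}

# On the router, pipe the real commands instead: ip route show table all | list_tables
printf '%s\n' "$SAMPLE_ROUTES" | list_tables
```

If a client listed in policy_ips does not appear in the output of sources_for_table 10, or default_dev 10 prints something other than the tunnel interface, that client's traffic is not going through the VPN.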

BandwidthController – network traffic management

A Windows tool for controlling the bandwidth used by different machines on the network. http://bandwidthcontroller.com/

  • Useful to restrict bandwidth and also to test how applications behave depending on the available bandwidth
  • Used it once a couple of years ago. Works great. There is a free single-user version: http://bandwidthcontroller.com/download.html


List open ports – netstat

netstat can be used to list all open ports on a machine.

Linux

$ netstat -an | grep -i listen
Command options differ between versions of Linux.

Windows

> netstat -a | find /i "listening"
> netstat -b     //will show the process names
> netstat -?

PowerShell with netstat, netsh

PowerShell also makes it easy to use and process the output from netstat, netsh or any other command.

C:\> $n = netstat -a
C:\> $n | select-string "listening"

(See links below for related articles. PowerShell allows getting network statistics via cmdlets like Get-NetIPAddress, the .NET classes in System.Net.NetworkInformation, etc.)

Links on the web used for info: