This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
fuss:openwrt [2019/03/05 10:22] – [Making Samba Bind to Interfaces] office | fuss:openwrt [2022/04/01 16:28] – [Routing all Traffic through OpenVPN] office | ||
---|---|---|---|
Line 89: | Line 89: | ||
The solution is to install '' | The solution is to install '' | ||
<code bash> | <code bash> | ||
- | opkg install python pip | + | opkg install python-pip |
</ | </ | ||
Line 96: | Line 96: | ||
pip install -U pip setuptools | pip install -U pip setuptools | ||
</ | </ | ||
+ | |||
+ | ====== Routing all Traffic through OpenVPN ====== | ||
+ | |||
+ | TL;DR: old trick, set a lower interface metric for the OpenVPN interface than the default gateway. | ||
+ | |||
+ | Since there does not seem to be an official straightforward answer to route all traffic through OpenVPN "the OpenWrt way" | ||
+ | |||
+ | * ensure that the OpenVPN server (or client configuration file) contains '' | ||
+ | * using the OpenWrt interface: '' | ||
+ | * using the OpenWrt interface: '' | ||
+ | |||
+ | OpenWrt does not do this automatically even if '' | ||
+ | |||
+ | ====== Getting External Full Disk Encryption to Work ====== | ||
+ | |||
+ | In order to get full disk encryption to work on OpenWrt, install the following packages: | ||
+ | <code bash> | ||
+ | opkg install kmod-crypto-ecb kmod-crypto-xts kmod-crypto-hmac kmod-crypto-sha256 kmod-crypto-misc kmod-crypto-user cryptsetup | ||
+ | </ | ||
+ | |||
+ | Similarly, if the storage device is connected via the USB port, install the dependent mass storage modules: | ||
+ | <code bash> | ||
+ | opkg install kmod-usb-storage kmod-usb-storage-uas | ||
+ | </ | ||
+ | |||
+ | Some key derivation mechanisms are memory intensive and may exceed the available memory on an OpenWrt router, this results in the following error when formatting or opening a LUKS device "//Not enough available memory to open a keyslot//" | ||
+ | * use the LUKSv1 key derivation by specifying '' | ||
+ | * restrict the memory available to the key-derivation mechanism by specifying '' | ||