You are here: start / fuss / openwrt

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
fuss:openwrt [2019/03/05 10:22] – [Making Samba Bind to Interfaces] officefuss:openwrt [2022/04/01 16:28] – [Routing all Traffic through OpenVPN] office
Line 89: Line 89:
 The solution is to install ''pip'' via: The solution is to install ''pip'' via:
 <code bash> <code bash>
-opkg install python pip+opkg install python-pip
 </code> </code>
  
Line 96: Line 96:
 pip install -U pip setuptools pip install -U pip setuptools
 </code> </code>
 +
 +====== Routing all Traffic through OpenVPN ======
 +
 +TL;DR: old trick, set a lower interface metric for the OpenVPN interface than the default gateway.
 +
 +Since there does not seem to be an official straightforward answer to route all traffic through OpenVPN "the OpenWrt way"™ the following should be easy to accomplish via the interface:
 +
 +  * ensure that the OpenVPN server (or client configuration file) contains ''redirect-gateway def1'',
 +  * using the OpenWrt interface: ''Network'' -> ''Interfaces'' and for each WAN interface, click ''Edit'' and then go to ''Advanced Settings'' and set the ''Interface Metric'' to a given value (ie: ''10''),
 +  * using the OpenWrt interface: ''Network'' -> ''Interfaces'' open up the OpenVPN interface, go to ''Advanced Settings'' and set the ''Interface Metric'' to a value lower than all WAN interfaces from the previous step (ie: ''1'').
 +
 +OpenWrt does not do this automatically even if ''redirect-gateway def1'' is pushed by the server.
 +
 +====== Getting External Full Disk Encryption to Work ======
 +
 +In order to get full disk encryption to work on OpenWrt, install the following packages:
 +<code bash>
 +opkg install kmod-crypto-ecb kmod-crypto-xts kmod-crypto-hmac kmod-crypto-sha256 kmod-crypto-misc kmod-crypto-user cryptsetup
 +</code>
 +
 +Similarly, if the storage device is connected via the USB port, install the dependent mass storage modules:
 +<code bash>
 +opkg install kmod-usb-storage kmod-usb-storage-uas
 +</code>
 +
 +Some key derivation mechanisms are memory intensive and may exceed the available memory on an OpenWrt router, this results in the following error when formatting or opening a LUKS device "//Not enough available memory to open a keyslot//". To work around the issue, either:
 +  * use the LUKSv1 key derivation by specifying ''--pbkdf pbkdf2'' when formatting the storage device,
 +  * restrict the memory available to the key-derivation mechanism by specifying ''--pbkdf-memory''
  
  
  
fuss/openwrt.txt · Last modified: 2022/06/17 19:08 by office
You are here: start / fuss / openwrt

Access website using Tor Access website using i2p Wizardry and Steamworks PGP Key


For the contact, copyright, license, warranty and privacy terms for the usage of this website please see the contact, license, privacy, copyright.