想让所有连入 OpenWRT 的设备通过 OpenVPN 上网,求 /etc/config/firewall 规则,谢谢。
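# Refresh the package lists, then install the Chinese LuCI translations,
# the OpenSSH server with its SFTP subsystem, and the OpenVPN client with
# easy-rsa. These are two separate commands: written on one line, the
# install command is handed to `opkg update` as extra arguments instead of
# running on its own.
opkg update
opkg install \
  luci-i18n-base-zh-cn \
  luci-i18n-firewall-zh-cn \
  openssh-server \
  openssh-sftp-server \
  openvpn-openssl \
  openvpn-easy-rsa \
  luci-i18n-openvpn-zh-cn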
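# Write the OpenVPN client instance to /etc/config/openvpn. This OVERWRITES
# any existing file. The heredoc delimiter is quoted so the body is written
# literally, with no shell expansion.
#
# Review notes on the options below:
#  - remote_cert_tls 'server' was added. Without it the client accepts any
#    certificate signed by ca.crt as the server, including another client's
#    certificate, which allows impersonation of the VPN server. If the
#    server certificate was not issued as a server certificate, the
#    connection will fail until it is reissued.
#  - comp_lzo must match the server's setting, so it is kept as-is.
#    Compression inside a VPN tunnel can leak plaintext through length side
#    channels; consider turning it off on both ends.
#  - user 'nobody' drops root after start-up; persist_key and persist_tun
#    keep the key and tun device available across restarts once root is gone.
#  - /etc/openvpn/client.key is the private key: keep it readable by root
#    only (mode 600).
cat << 'EOF' > /etc/config/openvpn
package openvpn

config openvpn 'client'
    option enabled '1'
    option client '1'
    option dev 'tun'
    option proto 'udp'
    list remote '104.224.162.204 1154'
    option resolv_retry 'infinite'
    option nobind '1'
    option persist_key '1'
    option persist_tun '1'
    option user 'nobody'
    option ca '/etc/openvpn/ca.crt'
    option cert '/etc/openvpn/client.crt'
    option key '/etc/openvpn/client.key'
    option remote_cert_tls 'server'
    option cipher 'AES-256-CBC'
    option comp_lzo 'yes'
    option verb '3'
EOF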
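# Declare an unmanaged (proto 'none') interface section named
# openvpn_client bound to tun0, presumably so the tunnel can be referenced
# by name from a firewall zone.
#
# `uci set` on a named section is idempotent. Appending the stanza with
# `>>` adds a duplicate section every time the script is re-run.
# NOTE(review): newer OpenWrt releases use `option device` in place of
# `option ifname`; confirm against the installed release.
uci set network.openvpn_client='interface'
uci set network.openvpn_client.proto='none'
uci set network.openvpn_client.ifname='tun0'
uci commit network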
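# Apply the network configuration, then start the OpenVPN client now and
# register it to start at boot. `start` and `enable` are separate init
# script invocations; on one line `enable` is never executed.
/etc/init.d/network reload
/etc/init.d/openvpn start
/etc/init.d/openvpn enable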
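# The author marked the original rules as possibly wrong. Problems found:
#  - `-I FORWARD -o br-lan -j ACCEPT` names no input interface, so it
#    accepts forwarded traffic INTO the LAN from every interface, WAN
#    included, bypassing the zone policy. Return traffic only needs the
#    RELATED,ESTABLISHED rule below.
#  - `-I FORWARD -o tun0 -j ACCEPT` likewise accepted traffic from any
#    interface into the tunnel; it is now limited to traffic from br-lan.
#  - `iptables-save` only prints the ruleset to stdout. It does not persist
#    anything, and these rules are lost on the next firewall reload or reboot.
#
# For a persistent setup, define a zone in /etc/config/firewall that lists
# network 'openvpn_client' with masquerading enabled, plus a forwarding
# from 'lan' to that zone, instead of inserting raw rules.
# NOTE(review): releases that ship the nftables-based firewall may not
# provide the iptables command; confirm on the target device.

# LAN clients may open connections through the tunnel.
iptables -I FORWARD -i br-lan -o tun0 -j ACCEPT
# Only replies to those connections may come back from the tunnel.
iptables -I FORWARD -i tun0 -o br-lan -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# Source-NAT LAN traffic leaving via the tunnel to the tunnel address.
iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE
# Print the resulting ruleset for inspection (does not save it).
iptables-save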