search

Ranger802004 / asusmerlin

ASUS Merlin
GNU General Public License v3.0
41 stars 4 forks source link

Problem with running scripts and add many ip's #20

Closed YoshiKill closed 5 months ago

YoshiKill commented 5 months ago

Hello, thanks a lot for you work! I have some noobs question about scripts so please be patient. I need add about 10k ip's for routing via VPN Wireguard. So how i can add it at ones? And i try use scripts, install it, run menu, create policy add some domains for test it work, reboot router. But all traffic is run through vpn wireguard. How i can find what is wrong and how fix it? Upd for some progress, delete rules for vpn director 192.168.50.0/24 if it is necessary for dns use AdguardHome service run on router, try to off him but dont help
update policy in script and have this error:

`Make a selection:
8
1: (All Policies)
2: Ua_block

Select the Policy You Want to Query: 2
ipset v7.6: Kernel error received: Invalid argument
domain_vpn_routing: Restore Policy - ***Error*** Failed to create IPv6 IPSET for Ua_block
iptables v1.4.15: Kernel module xt_set is not loaded in.

domain_vpn_routing: Restore Policy - ***Error*** Failed to add IPTables OUTPUT rule for IPSET: DomainVPNRouting-Ua_block-ipv4 FWMark: 0xa000
iptables v1.4.15: Kernel module xt_set is not loaded in.

domain_vpn_routing: Restore Policy - ***Error*** Failed to add IPTables PREROUTING rule for IPSET: DomainVPNRouting-Ua_block-ipv4 FWMark: 0xa000
iptables v1.4.15: Kernel module xt_set is not loaded in.

domain_vpn_routing: Restore Policy - ***Error*** Failed to add IPTables rule for IPSET: DomainVPNRouting-Ua_block-ipv4 Interface: wgc1 FWMark: 0xa000
Query Policy: Ua_block
ipset v7.6: Kernel error received: Invalid argumentlock
domain_vpn_routing: Query Policy - ***Error*** Failed to create IPv6 IPSET for Ua_block
iptables v1.4.15: Kernel module xt_set is not loaded in.

domain_vpn_routing: Query Policy - ***Error*** Failed to add IPTables OUTPUT rule for IPSET: DomainVPNRouting-Ua_block-ipv4 FWMark: 0xa000
iptables v1.4.15: Kernel module xt_set is not loaded in.

domain_vpn_routing: Query Policy - ***Error*** Failed to add IPTables PREROUTING rule for IPSET: DomainVPNRouting-Ua_block-ipv4 FWMark: 0xa000
iptables v1.4.15: Kernel module xt_set is not loaded in.

domain_vpn_routing: Query Policy - ***Error*** Failed to add IPTables rule for IPSET: DomainVPNRouting-Ua_block-ipv4 Interface: wgc1 FWMark: 0xa000
ipset v7.6: Kernel error received: Invalid argument
ipset v7.6: Kernel error received: Invalid argument
domain_vpn_routing: Query Policy - ***Error*** Failed to add 158.160.45.54 to IPSET: DomainVPNRouting-Ua_block-ipv4
ipset v7.6: Kernel error received: Invalid argument
ipset v7.6: Kernel error received: Invalid argument
domain_vpn_routing: Query Policy - ***Error*** Failed to add 5.255.255.242 to IPSET: DomainVPNRouting-Ua_block-ipv4
ipset v7.6: Kernel error received: Invalid argument
ipset v7.6: Kernel error received: Invalid argument
domain_vpn_routing: Query Policy - ***Error*** Failed to add 77.88.55.242 to IPSET: DomainVPNRouting-Ua_block-ipv4
ipset v7.6: Kernel error received: Invalid argument
ipset v7.6: Kernel error received: Invalid argument
domain_vpn_routing: Query Policy - ***Error*** Failed to add 89.108.84.132 to IPSET: DomainVPNRouting-Ua_block-ipv4
ipset v7.6: Kernel error received: Invalid argument
ipset v7.6: Kernel error received: Invalid argument
domain_vpn_routing: Query Policy - ***Error*** Failed to add 95.213.221.146 to IPSET: DomainVPNRouting-Ua_block-ipv4
ipset v7.6: Kernel error received: Invalid argument
domain_vpn_routing: Query Policy - ***Error*** Failed to save IPv4 IPSET for Ua_block

Press Enter to continue...

`

Ranger802004 commented 5 months ago

It looks like you ip binary is running v1.4.15 when it should be iproute2-5.11.0 with the current ASUS Merlin firmware. This is the reason you are having failures because that version doesn't support the underlying necessary commands and arguments.

YoshiKill commented 5 months ago

It looks like you ip binary is running v1.4.15 when it should be iproute2-5.11.0 with the current ASUS Merlin firmware. This is the reason you are having failures because that version doesn't support the underlying necessary commands and arguments.

Yes, we find out with Gnuton that it's problem with xt_set module in his port of Merlin in ax3000 v2. https://github.com/gnuton/asuswrt-merlin.ng/issues/576 I try his other beta version but any way has some issues, so only just wait for firmware upgrade.

And last question is about how add many Ip's at ones? Any way to do this with script? Because it's necessary in my case with over 10000 ip's. And can i add subnet's (5.188.140.0/22) to script list?