Ysurac / openmptcprouter

OpenMPTCProuter is an open source solution to aggregate multiple internet connections using Multipath TCP (MPTCP) on OpenWrt
https://www.openmptcprouter.com/
GNU General Public License v3.0
1.86k stars 269 forks source link

Can't find omr-bypass rules, restart omr-bypass v6.0, nftset inet fw4 omr_dst_bypass_all_4 Error #3276

Closed jle1511 closed 3 months ago

jle1511 commented 7 months ago

Expect omr-bypass to work but failed

Current Behavior

fresh reinstall on x86, testing omrbypass: 1) domain ifconfig.me > failed, as curl still return with VPS IP 2) mac address: failed, IP on mac still ping to VPS IP 3) all other services are all failed.

System log: Apr 14 01:12:56 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading Apr 14 01:13:00 OpenMPTCProuter user.notice omr-schedule-010-services: Can't find omr-bypass rules, restart omr-bypass... Apr 14 01:13:00 OpenMPTCProuter user.notice omr-bypass: Starting OMR-ByPass... Apr 14 01:13:02 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading Apr 14 01:13:02 OpenMPTCProuter user.notice omr-bypass: OMR-ByPass is running Apr 14 01:13:07 OpenMPTCProuter user.notice omr-schedule-010-services: Set firewall on server vps

Possible Solution

Steps to Reproduce the Problem

  1. just set any omr-bypass setting and it doesn't apply

Context (Environment)

bypass VPS IP to master interface

Specifications

jle1511 commented 7 months ago

additional log:

Apr 14 01:20:00 OpenMPTCProuter user.notice omr-schedule-010-services: Can't find omr-bypass rules, restart omr-bypass...
Apr 14 01:20:00 OpenMPTCProuter user.notice omr-bypass: Starting OMR-ByPass...
Apr 14 01:20:01 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 01:20:02 OpenMPTCProuter daemon.info omr-tracker-xray: Reload xray rules
Apr 14 01:20:02 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading
Apr 14 01:20:02 OpenMPTCProuter user.notice omr-bypass: Restart dnsmasq...
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: exiting on receipt of SIGTERM
Apr 14 01:20:02 OpenMPTCProuter user.notice omr-bypass: OMR-ByPass is running
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: DNS service limited to local subnets
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack no-ipset nftset auth cryptohash DNSSEC no-ID loop-detect inotify dumpfile
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: UBus support enabled: connected to system bus
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCP, IP range 192.168.100.100 -- 192.168.100.249, lease time 12h
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5353
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for test
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for onion
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for local
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for bind
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for use-application-dns.net
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for lan
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: using 1 more local addresses
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 2 names
Apr 14 01:20:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: read /etc/ethers - 0 addresses
Apr 14 01:20:07 OpenMPTCProuter user.notice omr-schedule-010-services: Set firewall on server vps
Apr 14 01:20:34 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth0) cc:50:e3:d8:be:50 
Apr 14 01:20:34 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth0) 192.168.100.109 cc:50:e3:d8:be:50 
Apr 14 01:20:34 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth0) 192.168.100.109 cc:50:e3:d8:be:50 
Apr 14 01:20:34 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth0) 192.168.100.109 cc:50:e3:d8:be:50 
Apr 14 01:21:06 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth0) 192.168.100.201 60:e8:5b:7e:89:82 
Apr 14 01:21:06 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth0) 192.168.100.201 60:e8:5b:7e:89:82 airthings-view
Apr 14 02:50:00 OpenMPTCProuter user.notice omr-bypass: Starting OMR-ByPass...
Apr 14 02:50:00 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:00 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:00 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:00 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:00 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:00 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:00 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:00 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:02 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_eth1_4 Error: No such file or directory
Apr 14 02:50:02 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:02 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:02 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:02 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:02 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:02 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 14 02:50:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
jle1511 commented 7 months ago

uci show omr-bypass and nft list ruleset

root@OpenMPTCProuter:~# uci show omr-bypass
omr-bypass.all=interface
omr-bypass.m6replay=proto
omr-bypass.m6replay.url='m6web.fr' '6play.fr' '6cloud.fr'
omr-bypass.mycanal=proto
omr-bypass.mycanal.url='mycanal.fr' 'canal-plus.com' 'canalplus.com' 'canalplus-cdn.net' 'canalplus.pro' 'canal-plus.net'
omr-bypass.minecraft=proto
omr-bypass.minecraft.url='authserver.mojang.com'
omr-bypass.lesnumeriques=proto
omr-bypass.lesnumeriques.url='lesnumeriques.com' 'botscorner.com' 'app.botscorner.com'
omr-bypass.disneyplus=proto
omr-bypass.disneyplus.url='bamgrid.com' 'disney-plus.net'
omr-bypass.amazonvideo=proto
omr-bypass.amazonvideo.url='cloudfront.net' 'llnw.net'
omr-bypass.free=proto
omr-bypass.free.url='free.fr' 'freebox.fr' 'oqee.tv' 'oqee.net'
omr-bypass.orange=proto
omr-bypass.orange.url='orange.fr' 'sosh.fr' 'liveperson.net' 'liveperson.com' 'lpsn.net' 'lpsnmedia.net' 'francetelecom.fr'
omr-bypass.eth0=interface
omr-bypass.eth0.id='9999'
omr-bypass.eth1=interface
omr-bypass.eth1.id='8'
omr-bypass.eth2=interface
omr-bypass.eth2.id='9'
omr-bypass.eth3=interface
omr-bypass.eth3.id='10'
omr-bypass.tun0=interface
omr-bypass.tun0.id='1500'
omr-bypass.global=global
omr-bypass.global.vpn_ipv4_md5='68b329da9893e34099c7d8ad5cb9c940'
omr-bypass.global.vpn_ipv6_md5='68b329da9893e34099c7d8ad5cb9c940'
omr-bypass.@macs[0]=macs
omr-bypass.@macs[0].mac='F4:D4:88:6A:40:31'
omr-bypass.@macs[0].note='jimmy mac'
omr-bypass.@domains[0]=domains
omr-bypass.@domains[0].name='ifconfig.me'
omr-bypass.@domains[0].note='ifconfig.me'
omr-bypass.@domains[0].family='ipv4ipv6'
omr-bypass.@domains[0].interface='eth1'
omr-bypass.@domains[1]=domains
omr-bypass.@domains[1].name='suncoastcreditunion.com'
omr-bypass.@domains[1].note='suncoastcreditunion.com'
omr-bypass.@domains[1].family='ipv4ipv6'
omr-bypass.@domains[2]=domains
omr-bypass.@domains[2].name='reddit.com'
omr-bypass.@domains[2].note='reddit.com'
omr-bypass.@domains[2].family='ipv4ipv6'
omr-bypass.@dpis[0]=dpis
omr-bypass.@dpis[0].proto='amazonalexa'
omr-bypass.@dpis[0].family='ipv4ipv6'
omr-bypass.@dpis[1]=dpis
omr-bypass.@dpis[1].proto='amazonaws'
omr-bypass.@dpis[1].family='ipv4ipv6'
omr-bypass.@dpis[2]=dpis
omr-bypass.@dpis[2].proto='amazonvideo'
omr-bypass.@dpis[2].family='ipv4ipv6'
omr-bypass.@dpis[3]=dpis
omr-bypass.@dpis[3].proto='cloudflare'
omr-bypass.@dpis[3].family='ipv4ipv6'
omr-bypass.@dpis[4]=dpis
omr-bypass.@dpis[4].proto='cloudflarewarp'
omr-bypass.@dpis[4].family='ipv4ipv6'
omr-bypass.@dpis[5]=dpis
omr-bypass.@dpis[5].proto='hulu'
omr-bypass.@dpis[5].family='ipv4ipv6'
omr-bypass.@dpis[6]=dpis
omr-bypass.@dpis[6].proto='imap'
omr-bypass.@dpis[6].family='ipv4ipv6'
omr-bypass.@dpis[7]=dpis
omr-bypass.@dpis[7].proto='imaps'
omr-bypass.@dpis[7].family='ipv4ipv6'
omr-bypass.@dpis[8]=dpis
omr-bypass.@dpis[8].proto='smtp'
omr-bypass.@dpis[8].family='ipv4ipv6'
omr-bypass.@dpis[9]=dpis
omr-bypass.@dpis[9].proto='smtps'
omr-bypass.@dpis[9].family='ipv4ipv6'
omr-bypass.@dpis[10]=dpis
omr-bypass.@dpis[10].proto='waze'
omr-bypass.@dpis[10].family='ipv4ipv6'
root@OpenMPTCProuter:~# nft list ruleset
table ip mangle {
        chain PREROUTING {
                type filter hook prerouting priority mangle; policy accept;
        }

        chain INPUT {
                type filter hook input priority mangle; policy accept;
                counter packets 332496 bytes 342748897 jump omr-bypass-dpi
        }

        chain FORWARD {
                type filter hook forward priority mangle; policy accept;
                counter packets 99383 bytes 118599427 jump omr-bypass-dpi
        }

        chain OUTPUT {
                type route hook output priority mangle; policy accept;
        }

        chain POSTROUTING {
                type filter hook postrouting priority mangle; policy accept;
        }

        chain omr-bypass-dpi {
        }
}
table inet fw4 {
        ct helper amanda {
                type "amanda" protocol udp
                l3proto inet
        }

        ct helper ftp {
                type "ftp" protocol tcp
                l3proto inet
        }

        ct helper RAS {
                type "RAS" protocol udp
                l3proto inet
        }

        ct helper Q.931 {
                type "Q.931" protocol tcp
                l3proto inet
        }

        ct helper irc {
                type "irc" protocol tcp
                l3proto ip
        }

        ct helper pptp {
                type "pptp" protocol tcp
                l3proto ip
        }

        ct helper sip {
                type "sip" protocol udp
                l3proto inet
        }

        ct helper snmp {
                type "snmp" protocol udp
                l3proto ip
        }

        ct helper tftp {
                type "tftp" protocol udp
                l3proto inet
        }

        set omr_dscp_cs0_4 {
                type ipv4_addr
        }

        set omr_dscp_cs1_4 {
                type ipv4_addr
                elements = { 162.125.5.13 }
        }

        set omr_dscp_cs2_4 {
                type ipv4_addr
                elements = { 31.13.67.20, 142.250.64.164,
                             142.250.217.195, 142.251.35.238,
                             172.217.2.206, 172.217.15.200,
                             192.178.50.42, 216.239.35.0,
                             216.239.35.4, 216.239.35.8,
                             216.239.35.12 }
        }

        set omr_dscp_cs3_4 {
                type ipv4_addr
        }

        set omr_dscp_cs4_4 {
                type ipv4_addr
        }

        set omr_dscp_cs5_4 {
                type ipv4_addr
        }

        set omr_dscp_cs6_4 {
                type ipv4_addr
        }

        set omr_dscp_cs7_4 {
                type ipv4_addr
        }

        set omr_dscp_ef_4 {
                type ipv4_addr
        }

        set bypass_cloudflare {
                type ipv4_addr
                elements = { 103.21.244.0, 103.22.200.0,
                             103.31.4.0, 104.16.0.0,
                             104.24.0.0, 108.162.192.0,
                             131.0.72.0, 141.101.64.0,
                             162.158.0.0, 172.64.0.0,
                             173.245.48.0, 188.114.96.0,
                             190.93.240.0, 197.234.240.0,
                             198.41.128.0 }
        }

        set bypass6_cloudflare {
                type ipv6_addr
        }

        set bypass_hulu {
                type ipv4_addr
                elements = { 8.28.124.0, 199.60.116.0,
                             199.200.48.0, 199.200.50.0,
                             208.91.156.0 }
        }

        set bypass6_hulu {
                type ipv6_addr
        }

        set omr_dst_bypass_eth0_4 {
                type ipv4_addr
        }

        set omr_dst_bypass_eth0_6 {
                type ipv6_addr
        }

        set omr_dst_bypass_eth1_4 {
                type ipv4_addr
                elements = { 34.117.118.44 }
        }

        set omr_dst_bypass_eth1_6 {
                type ipv6_addr
                elements = { 2600:1901:0:bbc3:: }
        }

        set omr_dst_bypass_eth2_4 {
                type ipv4_addr
        }

        set omr_dst_bypass_eth2_6 {
                type ipv6_addr
        }

        set omr_dst_bypass_eth3_4 {
                type ipv4_addr
        }

        set omr_dst_bypass_eth3_6 {
                type ipv6_addr
        }

        set omr_dst_bypass_tun0_4 {
                type ipv4_addr
        }

        set omr_dst_bypass_tun0_6 {
                type ipv6_addr
        }

        set omr_dst_bypass_all_4 {
                type ipv4_addr
                elements = { 3.5.17.132, 3.5.25.66,
                             3.5.28.232, 3.5.29.162,
                             3.5.29.207, 3.5.29.236,
                             3.21.194.160, 3.22.174.158,
                             3.33.139.32, 3.64.163.50,
                             3.139.120.92, 3.213.169.150,
                             3.217.147.217, 3.221.134.22,
                             3.223.181.245, 5.35.225.239,
                             13.248.169.48, 15.197.172.60,
                             16.182.35.225, 16.182.72.161,
                             18.172.240.101, 18.172.242.4,
                             18.172.242.29, 18.172.242.46,
                             18.172.242.48, 18.172.242.65,
                             18.172.242.68, 18.172.242.70,
                             18.172.242.72, 18.172.242.87,
                             18.172.242.100, 18.172.242.116,
                             18.172.242.118, 18.215.42.147,
                             23.48.224.100, 23.48.224.103,
                             23.48.224.108, 34.200.189.226,
                             34.209.169.232, 34.218.92.85,
                             34.232.152.68, 34.240.160.162,
                             35.175.71.102, 44.199.80.228,
                             44.227.65.245, 44.227.76.166,
                             44.230.98.231, 44.233.1.74,
                             44.240.223.124, 44.241.192.194,
                             45.37.78.246, 45.119.84.172,
                             45.142.181.68, 46.166.184.102,
                             51.195.193.93, 52.4.42.50,
                             52.6.78.77, 52.20.8.94,
                             52.20.143.163, 52.39.163.104,
                             52.72.155.165, 52.73.116.25,
                             52.84.106.9, 52.84.106.11,
                             52.84.106.20, 52.84.106.29,
                             52.84.106.30, 52.84.106.35,
                             52.84.106.36, 52.84.106.39,
                             52.84.106.66, 52.84.106.67,
                             52.84.106.90, 52.84.106.101,
                             52.84.106.104, 52.84.106.113,
                             52.84.106.129, 52.84.107.73,
                             52.86.71.225, 52.94.233.109,
                             52.216.40.233, 52.216.42.81,
                             52.216.50.153, 52.216.56.129,
                             52.216.208.97, 52.216.218.217,
                             52.217.42.4, 52.217.130.41,
                             52.217.204.209, 52.217.223.25,
                             52.217.229.49, 52.217.231.233,
                             52.244.161.25, 54.148.210.104,
                             54.149.100.34, 54.156.177.188,
                             54.164.8.177, 54.167.177.211,
                             54.205.193.132, 54.210.231.54,
                             54.213.73.203, 54.218.238.12,
                             54.231.194.185, 54.231.224.153,
                             54.231.236.185, 54.243.248.170,
                             62.122.170.171, 64.70.19.203,
                             64.176.11.190, 72.21.206.80,
                             72.21.210.29, 75.2.85.42,
                             75.2.115.196, 76.76.21.123,
                             76.76.21.142, 76.223.54.146,
                             80.74.131.2, 85.159.66.93,
                             88.198.29.97, 90.153.255.235,
                             92.51.130.89, 96.7.128.12,
                             96.7.128.17, 96.7.128.32,
                             96.7.128.34, 96.30.195.177,
                             99.83.196.71, 103.11.228.30,
                             103.63.236.58, 104.16.80.230,
                             104.16.132.229, 104.16.133.229,
                             104.17.24.14, 104.17.25.14,
                             104.17.143.163, 104.20.4.74,
                             104.20.5.74, 104.21.5.41,
                             104.21.7.2, 104.21.13.108,
                             104.21.16.11, 104.21.44.215,
                             104.21.51.222, 104.21.53.52,
                             104.21.53.237, 104.21.56.186,
                             104.21.75.185, 104.21.84.116,
                             104.21.85.231, 104.21.92.254,
                             104.21.95.240, 104.247.81.11,
                             104.247.81.50, 104.247.81.52,
                             104.247.81.53, 104.247.82.50,
                             104.247.82.52, 109.68.33.64,
                             110.4.45.235, 120.24.54.115,
                             128.204.136.114, 130.211.9.172,
                             135.181.149.208, 138.68.89.92,
                             138.68.116.54, 142.250.64.138,
                             142.250.64.202, 142.250.189.138,
                             142.250.217.170, 142.250.217.202,
                             142.250.217.234, 142.251.35.234,
                             149.102.146.245, 150.158.143.106,
                             151.101.1.140, 151.101.65.140,
                             151.101.129.140, 151.101.193.140,
                             157.7.144.5, 162.255.119.209,
                             162.255.119.253, 172.64.80.1,
                             172.67.132.241, 172.67.135.138,
                             172.67.149.164, 172.67.155.74,
                             172.67.180.30, 172.67.188.254,
                             172.67.191.147, 172.67.199.215,
                             172.67.201.185, 172.67.203.237,
                             172.67.209.33, 172.67.209.192,
                             172.67.211.227, 172.67.220.3,
                             172.217.2.202, 172.217.15.202,
                             178.168.100.125, 185.32.190.4,
                             185.154.54.5, 185.182.56.83,
                             185.206.180.121, 192.178.50.42,
                             192.178.50.74, 192.185.78.242,
                             193.105.159.15, 194.245.148.189,
                             195.49.215.175, 195.201.106.151,
                             199.59.243.225, 199.60.116.108,
                             200.24.14.6, 201.158.32.14,
                             207.171.166.22, 213.108.56.205,
                             213.186.33.5, 217.24.17.51,
                             217.146.69.5 }
        }

        set omr_dst_bypass_all_6 {
                type ipv6_addr
        }

        set xr_rules_src_bypass {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set xr_rules6_src_bypass {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set xr_rules_src_forward {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set xr_rules6_src_forward {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set xr_rules_src_checkdst {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set xr_rules6_src_checkdst {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set xr_rules_remote_servers {
                type ipv4_addr
                flags interval
                auto-merge
                elements = { 45.61.188.181 }
        }

        set xr_rules6_remote_servers {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set xr_rules_dst_bypass {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set xr_rules6_dst_bypass {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set xr_rules_dst_bypass_ {
                type ipv4_addr
                flags interval
                auto-merge
                elements = { 0.0.0.0/8, 10.0.0.0/8,
                             100.64.0.0/10, 127.0.0.0/8,
                             169.254.0.0/16, 172.16.0.0/12,
                             192.0.0.0/24, 192.0.2.0/24,
                             192.31.196.0/24, 192.52.193.0/24,
                             192.88.99.0/24, 192.168.0.0/16,
                             192.175.48.0/24, 198.18.0.0/15,
                             198.51.100.0/24, 203.0.113.0/24,
                             224.0.0.0/3 }
        }

        set xr_rules6_dst_bypass_ {
                type ipv6_addr
                flags interval
                auto-merge
                elements = { ::/127,
                             ::ffff:0.0.0.0/96,
                             64:ff9b:1::/48,
                             100::/64,
                             2001::/23,
                             fc00::/7,
                             fe80::/10 }
        }

        set xr_rules_dst_forward {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set xr_rules6_dst_forward {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set xr_rules_dst_forward_rrst_ {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set xr_rules6_dst_forward_rrst_ {
                type ipv6_addr
                flags interval
                auto-merge
        }

        chain xr_rules_pre_tcp {
                type nat hook prerouting priority filter + 1; policy accept;
                meta l4proto tcp goto xr_rules_pre_src_tcp
        }

        chain xr_rules_pre_src_tcp {
                ip daddr @xr_rules_dst_bypass_ accept
                ip6 daddr @xr_rules6_dst_bypass_ accept
                goto xr_rules_src_tcp
        }

        chain xr_rules_src_tcp {
                ip saddr @xr_rules_src_bypass accept
                ip saddr @xr_rules_src_forward goto xr_rules_forward_tcp
                ip saddr @xr_rules_src_checkdst goto xr_rules_dst_tcp
                ip6 saddr @xr_rules6_src_bypass accept
                ip6 saddr @xr_rules6_src_forward goto xr_rules_forward_tcp
                ip6 saddr @xr_rules6_src_checkdst goto xr_rules_dst_tcp
                goto xr_rules_dst_tcp
        }

        chain xr_rules_dst_tcp {
                ip daddr @xr_rules_dst_bypass accept
                ip daddr @xr_rules_remote_servers accept
                ip daddr @xr_rules_dst_forward goto xr_rules_forward_tcp
                ip6 daddr @xr_rules6_dst_bypass accept
                ip6 daddr @xr_rules6_remote_servers accept
                ip6 daddr @xr_rules6_dst_forward goto xr_rules_forward_tcp
                goto xr_rules_forward_tcp
        }

        chain xr_rules_forward_tcp {
                meta l4proto tcp redirect to :1897
        }

        chain xr_rules_local_out {
                type nat hook output priority filter - 1; policy accept;
                meta l4proto != tcp accept
                ip daddr @xr_rules_remote_servers accept
                ip daddr @xr_rules_dst_bypass_ accept
                ip daddr @xr_rules_dst_bypass accept
                ip6 daddr @xr_rules6_remote_servers accept
                ip6 daddr @xr_rules6_dst_bypass_ accept
                ip6 daddr @xr_rules6_dst_bypass accept
                goto xr_rules_forward_tcp
        }

        chain input {
                type filter hook input priority filter; policy drop;
                iif "lo" accept comment "!fw4: Accept traffic from loopback"
                ct state vmap { established : accept, related : accept } comment "!fw4: Handle inbound flows"
                tcp flags syn / fin,syn,rst,ack jump syn_flood comment "!fw4: Rate limit TCP syn packets"
                iifname "eth0" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic"
                iifname { "eth1", "eth2", "eth3" } jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic"
                iifname "tun0" jump input_vpn comment "!fw4: Handle vpn IPv4/IPv6 input traffic"
                jump handle_reject
        }

        chain forward {
                type filter hook forward priority filter; policy drop;
                ct state vmap { established : accept, related : accept } comment "!fw4: Handle forwarded flows"
                icmp type echo-request limit rate 1000/second burst 5 packets counter packets 85 bytes 6860 accept comment "!fw4: Allow-All-Ping"
                icmpv6 type echo-request limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-All-Ping"
                udp dport 443 counter packets 0 bytes 0 drop comment "!fw4: Block QUIC All"
                iifname "eth0" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic"
                iifname { "eth1", "eth2", "eth3" } jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic"
                iifname "tun0" jump forward_vpn comment "!fw4: Handle vpn IPv4/IPv6 forward traffic"
                jump upnp_forward comment "Hook into miniupnpd forwarding chain"
                jump handle_reject
        }

        chain output {
                type filter hook output priority filter; policy drop;
                oif "lo" accept comment "!fw4: Accept traffic towards loopback"
                ct state vmap { established : accept, related : accept } comment "!fw4: Handle outbound flows"
                oifname "eth0" jump output_lan comment "!fw4: Handle lan IPv4/IPv6 output traffic"
                oifname { "eth1", "eth2", "eth3" } jump output_wan comment "!fw4: Handle wan IPv4/IPv6 output traffic"
                oifname "tun0" jump output_vpn comment "!fw4: Handle vpn IPv4/IPv6 output traffic"
                jump handle_reject
        }

        chain prerouting {
                type filter hook prerouting priority filter; policy accept;
                icmp type echo-request limit rate 1000/second burst 5 packets counter packets 95 bytes 7140 accept comment "!fw4: Allow-All-Ping"
                icmpv6 type echo-request limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-All-Ping"
                udp dport 443 counter packets 491 bytes 612658 drop comment "!fw4: Block QUIC All"
                counter packets 219333 bytes 228841570 jump accept_to_vpn comment "!fw4: Allow-All-LAN-to-VPN"
                counter packets 219333 bytes 228841570 jump accept_to_wan comment "!fw4: Allow-Lan-to-Wan"
                jump accept_to_wan comment "!fw4: Accept lan to wan forwarding"
                jump accept_to_vpn comment "!fw4: Accept lan to vpn forwarding"
                iifname "eth0" jump helper_lan comment "!fw4: Handle lan IPv4/IPv6 helper assignment"
                icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
                icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, parameter-problem . admin-prohibited } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
                meta l4proto esp counter packets 25 bytes 7612 jump accept_to_lan comment "!fw4: Allow-IPSec-ESP"
                udp dport 500 counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-ISAKMP"
        }

        chain handle_reject {
                meta l4proto tcp reject with tcp reset comment "!fw4: Reject TCP traffic"
                reject comment "!fw4: Reject any other traffic"
        }

        chain syn_flood {
                limit rate 25/second burst 50 packets return comment "!fw4: Accept SYN packets below rate-limit"
                drop comment "!fw4: Drop excess packets"
        }

        chain input_lan {
                icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply, nd-router-solicit, nd-router-advert } limit rate 1000/second burst 5 packets counter packets 3 bytes 168 accept comment "!fw4: ICMPv6-Lan-to-OMR"
                udp dport 443 counter packets 0 bytes 0 drop comment "!fw4: Block QUIC Proxy"
                ct status dnat accept comment "!fw4: Accept port redirections"
                jump accept_from_lan
        }

        chain output_lan {
                jump accept_to_lan
        }

        chain forward_lan {
                counter packets 2366 bytes 206310 jump accept_to_vpn comment "!fw4: Allow-All-LAN-to-VPN"
                counter packets 369 bytes 31810 jump accept_to_wan comment "!fw4: Allow-Lan-to-Wan"
                jump accept_to_wan comment "!fw4: Accept lan to wan forwarding"
                jump accept_to_vpn comment "!fw4: Accept lan to vpn forwarding"
                ct status dnat accept comment "!fw4: Accept port forwards"
                jump accept_to_lan
        }

        chain helper_lan {
                udp dport 10080 ct helper set "amanda" comment "!fw4: Amanda backup and archiving proto"
                tcp dport 21 ct helper set "ftp" comment "!fw4: FTP passive connection tracking"
                udp dport 1719 ct helper set "RAS" comment "!fw4: RAS proto tracking"
                tcp dport 1720 ct helper set "Q.931" comment "!fw4: Q.931 proto tracking"
                meta nfproto ipv4 tcp dport 6667 ct helper set "irc" comment "!fw4: IRC DCC connection tracking"
                meta nfproto ipv4 tcp dport 1723 ct helper set "pptp" comment "!fw4: PPTP VPN connection tracking"
                udp dport 5060 ct helper set "sip" comment "!fw4: SIP VoIP connection tracking"
                meta nfproto ipv4 udp dport 161 ct helper set "snmp" comment "!fw4: SNMP monitoring connection tracking"
                udp dport 69 ct helper set "tftp" comment "!fw4: TFTP connection tracking"
        }

        chain accept_from_lan {
                iifname "eth0" counter packets 1563 bytes 237488 accept comment "!fw4: accept lan IPv4/IPv6 traffic"
        }

        chain accept_to_lan {
                oifname "eth0" counter packets 38 bytes 10192 accept comment "!fw4: accept lan IPv4/IPv6 traffic"
        }

        chain input_wan {
                meta nfproto ipv4 udp dport 68 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCP-Renew"
                icmp type echo-request counter packets 0 bytes 0 accept comment "!fw4: Allow-Ping"
                meta nfproto ipv4 meta l4proto igmp counter packets 3 bytes 96 accept comment "!fw4: Allow-IGMP"
                meta nfproto ipv6 udp dport 546 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCPv6"
                ip6 saddr fe80::/10 icmpv6 type . icmpv6 code { mld-listener-query . no-route, mld-listener-report . no-route, mld-listener-done . no-route, mld2-listener-report . no-route } counter packets 19 bytes 1368 accept comment "!fw4: Allow-MLD"
                icmpv6 type { nd-router-solicit, nd-router-advert } limit rate 1000/second burst 5 packets counter packets 1 bytes 104 accept comment "!fw4: Allow IPv6 ICMP"
                icmpv6 type . icmpv6 code { nd-neighbor-solicit . no-route, nd-neighbor-advert . no-route } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow IPv6 ICMP"
                meta nfproto ipv6 udp sport 546 udp dport 547 counter packets 0 bytes 0 accept comment "!fw4: Allow DHCPv6 (546-to-547)"
                meta nfproto ipv6 udp sport 547 udp dport 546 counter packets 0 bytes 0 accept comment "!fw4: Allow DHCPv6 (547-to-546)"
                ct status dnat accept comment "!fw4: Accept port redirections"
                jump reject_from_wan
        }

        chain output_wan {
                jump accept_to_wan
        }

        chain forward_wan {
                icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
                icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, parameter-problem . admin-prohibited } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
                meta l4proto esp counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-IPSec-ESP"
                udp dport 500 counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-ISAKMP"
                ct status dnat accept comment "!fw4: Accept port forwards"
                jump reject_to_wan
        }

        chain accept_to_wan {
                meta nfproto ipv4 oifname { "eth1", "eth2", "eth3" } ct state invalid counter packets 117 bytes 6480 drop comment "!fw4: Prevent NAT leakage"
                oifname { "eth1", "eth2", "eth3" } counter packets 4156 bytes 205410 accept comment "!fw4: accept wan IPv4/IPv6 traffic"
        }

        chain reject_from_wan {
                iifname { "eth1", "eth2", "eth3" } counter packets 15 bytes 1343 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
        }

        chain reject_to_wan {
                oifname { "eth1", "eth2", "eth3" } counter packets 0 bytes 0 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
        }

        chain input_vpn {
                meta l4proto { icmp, ipv6-icmp } counter packets 0 bytes 0 accept comment "!fw4: Allow-VPN-ICMP"
                ct status dnat accept comment "!fw4: Accept port redirections"
                jump reject_from_vpn
        }

        chain output_vpn {
                jump accept_to_vpn
        }

        chain forward_vpn {
                ct status dnat accept comment "!fw4: Accept port forwards"
                jump accept_to_vpn
        }

        chain accept_to_vpn {
                meta nfproto ipv4 oifname "tun0" ct state invalid counter packets 4 bytes 184 drop comment "!fw4: Prevent NAT leakage"
                oifname "tun0" counter packets 2643 bytes 228094 accept comment "!fw4: accept vpn IPv4/IPv6 traffic"
        }

        chain reject_from_vpn {
                iifname "tun0" counter packets 5 bytes 361 jump handle_reject comment "!fw4: reject vpn IPv4/IPv6 traffic"
        }

        chain dstnat {
                type nat hook prerouting priority dstnat; policy accept;
                jump upnp_prerouting comment "Hook into miniupnpd prerouting chain"
        }

        chain srcnat {
                type nat hook postrouting priority srcnat; policy accept;
                oifname { "eth1", "eth2", "eth3" } jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic"
                oifname "tun0" jump srcnat_vpn comment "!fw4: Handle vpn IPv4/IPv6 srcnat traffic"
                jump upnp_postrouting comment "Hook into miniupnpd postrouting chain"
        }

        chain srcnat_wan {
                meta nfproto ipv4 masquerade comment "!fw4: Masquerade IPv4 wan traffic"
        }

        chain srcnat_vpn {
                meta nfproto ipv4 masquerade comment "!fw4: Masquerade IPv4 vpn traffic"
        }

        chain raw_prerouting {
                type filter hook prerouting priority raw; policy accept;
        }

        chain raw_output {
                type filter hook output priority raw; policy accept;
        }

        chain mangle_prerouting {
                type filter hook prerouting priority mangle; policy accept;
                meta l4proto tcp iifname "eth0" ip daddr @omr_dscp_cs0_4 counter packets 0 bytes 0 ip dscp set cs0 comment "!fw4: omr_dscp_cs0_4"
                meta l4proto udp iifname "eth0" ip daddr @omr_dscp_cs0_4 counter packets 0 bytes 0 ip dscp set cs0 comment "!fw4: omr_dscp_cs0_4"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dscp_cs1_4 counter packets 21 bytes 2148 ip dscp set cs1 comment "!fw4: omr_dscp_cs1_4"
                meta l4proto udp iifname "eth0" ip daddr @omr_dscp_cs1_4 counter packets 0 bytes 0 ip dscp set cs1 comment "!fw4: omr_dscp_cs1_4"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dscp_cs2_4 counter packets 428 bytes 54221 ip dscp set cs2 comment "!fw4: omr_dscp_cs2_4"
                meta l4proto udp iifname "eth0" ip daddr @omr_dscp_cs2_4 counter packets 18 bytes 14040 ip dscp set cs2 comment "!fw4: omr_dscp_cs2_4"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dscp_cs3_4 counter packets 0 bytes 0 ip dscp set cs3 comment "!fw4: omr_dscp_cs3_4"
                meta l4proto udp iifname "eth0" ip daddr @omr_dscp_cs3_4 counter packets 0 bytes 0 ip dscp set cs3 comment "!fw4: omr_dscp_cs3_4"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dscp_cs4_4 counter packets 0 bytes 0 ip dscp set cs4 comment "!fw4: omr_dscp_cs4_4"
                meta l4proto udp iifname "eth0" ip daddr @omr_dscp_cs4_4 counter packets 0 bytes 0 ip dscp set cs4 comment "!fw4: omr_dscp_cs4_4"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dscp_cs5_4 counter packets 0 bytes 0 ip dscp set cs5 comment "!fw4: omr_dscp_cs5_4"
                meta l4proto udp iifname "eth0" ip daddr @omr_dscp_cs5_4 counter packets 0 bytes 0 ip dscp set cs5 comment "!fw4: omr_dscp_cs5_4"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dscp_cs6_4 counter packets 0 bytes 0 ip dscp set cs6 comment "!fw4: omr_dscp_cs6_4"
                meta l4proto udp iifname "eth0" ip daddr @omr_dscp_cs6_4 counter packets 0 bytes 0 ip dscp set cs6 comment "!fw4: omr_dscp_cs6_4"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dscp_cs7_4 counter packets 0 bytes 0 ip dscp set cs7 comment "!fw4: omr_dscp_cs7_4"
                meta l4proto udp iifname "eth0" ip daddr @omr_dscp_cs7_4 counter packets 0 bytes 0 ip dscp set cs7 comment "!fw4: omr_dscp_cs7_4"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dscp_ef_4 counter packets 0 bytes 0 ip dscp set ef comment "!fw4: omr_dscp_ef_4"
                meta l4proto udp iifname "eth0" ip daddr @omr_dscp_ef_4 counter packets 0 bytes 0 ip dscp set ef comment "!fw4: omr_dscp_ef_4"
                meta l4proto tcp iifname "eth0" ip daddr @bypass_hulu counter packets 0 bytes 0 meta mark set 0x00004539 comment "!fw4: bypass_"
                meta l4proto udp iifname "eth0" ip daddr @bypass_hulu counter packets 0 bytes 0 meta mark set 0x00004539 comment "!fw4: bypass_"
                meta l4proto tcp iifname "eth0" ip6 daddr @bypass6_hulu counter packets 0 bytes 0 meta mark set 0x00006539 comment "!fw4: bypass6_"
                meta l4proto udp iifname "eth0" ip6 daddr @bypass6_hulu counter packets 0 bytes 0 meta mark set 0x00006539 comment "!fw4: bypass6_"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dst_bypass_eth1_4 counter packets 21 bytes 2131 meta mark set 0x00045398 comment "!fw4: omr_dst_bypass_eth1_rule"
                meta l4proto udp iifname "eth0" ip daddr @omr_dst_bypass_eth1_4 counter packets 0 bytes 0 meta mark set 0x00045398 comment "!fw4: omr_dst_bypass_eth1_rule"
                meta l4proto tcp iifname "eth0" ip daddr @omr_dst_bypass_all_4 counter packets 805 bytes 74948 meta mark set 0x00004539 comment "!fw4: omr_dst_bypass_all_rule"
                meta l4proto udp iifname "eth0" ip daddr @omr_dst_bypass_all_4 counter packets 6 bytes 7368 meta mark set 0x00004539 comment "!fw4: omr_dst_bypass_all_rule"
                meta l4proto tcp iifname "eth0" ether saddr f4:d4:88:6a:40:31 counter packets 8571 bytes 1193047 meta mark set 0x00004539 comment "!fw4: omr_dst_bypass_all_mac"
                meta l4proto udp iifname "eth0" ether saddr f4:d4:88:6a:40:31 counter packets 817 bytes 619319 meta mark set 0x00004539 comment "!fw4: omr_dst_bypass_all_mac"
        }

        chain mangle_postrouting {
                type filter hook postrouting priority mangle; policy accept;
                oifname "eth0" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone lan IPv4/IPv6 egress MTU fixing"
                oifname { "eth1", "eth2", "eth3" } tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 egress MTU fixing"
                oifname "tun0" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone vpn IPv4/IPv6 egress MTU fixing"
        }

        chain mangle_input {
                type filter hook input priority mangle; policy accept;
                meta l4proto icmp iifname "eth0" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 counter packets 7 bytes 392 ip dscp set cs7 comment "!fw4: omr_dscp_rule1"
                iifname "eth0" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 udp sport { 53, 123, 5353 } udp dport 0-65535 counter packets 0 bytes 0 ip dscp set cs4 comment "!fw4: omr_dscp_rule2"
                iifname "eth0" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 tcp sport { 53, 5353 } tcp dport 0-65535 counter packets 0 bytes 0 ip dscp set cs4 comment "!fw4: omr_dscp_rule3"
                iifname "eth0" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 tcp sport 0-65535 tcp dport 65500 counter packets 0 bytes 0 ip dscp set cs4 comment "!fw4: omr_dscp_rule4"
                iifname "eth0" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 tcp sport 0-65535 tcp dport { 65001, 65011, 65301, 65401 } counter packets 0 bytes 0 ip dscp set cs7 comment "!fw4: omr_dscp_rule5"
                iifname "eth0" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 udp sport 0-65535 udp dport { 65001, 65301 } counter packets 0 bytes 0 ip dscp set cs7 comment "!fw4: omr_dscp_rule6"
                iifname "eth0" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 tcp sport 0-65535 tcp dport { 65101, 65228 } counter packets 0 bytes 0 ip dscp set cs6 comment "!fw4: omr_dscp_rule7"
        }

        chain mangle_output {
                type route hook output priority mangle; policy accept;
        }

        chain mangle_forward {
                type filter hook forward priority mangle; policy accept;
                iifname "eth0" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone lan IPv4/IPv6 ingress MTU fixing"
                iifname { "eth1", "eth2", "eth3" } tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 ingress MTU fixing"
                iifname "tun0" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone vpn IPv4/IPv6 ingress MTU fixing"
        }

        chain upnp_forward {
        }

        chain upnp_prerouting {
        }

        chain upnp_postrouting {
        }
}
jle1511 commented 7 months ago

i think i found the problem, if i switch Default Proxy from Xray Trojan to Shadowsocks rust 2022, omrbypass start working again. Any ideas why ? and all the error disappear

Ysurac commented 7 months ago

I think I found the issue: when you change the proxy via the Wizard, omr-bypass is not restarted and config is specific to the proxy. If you change the proxy and reboot, all should be ok. I will fix that for next minor release.

hle5128 commented 6 months ago

I think I found the issue: when you change the proxy via the Wizard, omr-bypass is not restarted and config is specific to the proxy. If you change the proxy and reboot, all should be ok. I will fix that for next minor release.

Hi, I tried setting up some domain testing using ifconfig.me, saved and applied the settings, then rebooted. However, I'm still experiencing the same error and the omr-bypass is not working. I tried applying the same settings and rebooting on other proxies, but none of them worked except for shadowsocks.

Here are sample of the logs:

Apr 18 01:42:47 OpenMPTCProuter user.notice omr-bypass: Starting OMR-ByPass...
Apr 17 21:42:51 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) c8:c9:a3:54:3b:df 
Apr 17 21:42:51 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:42:51 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) c8:c9:a3:54:3b:df 
Apr 17 21:42:51 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:42:51 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) c8:c9:a3:54:3b:df 
Apr 17 21:42:51 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:50:e3:d8:be:50 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:50:e3:d8:be:50 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) c8:c9:a3:54:3b:df 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:50:e3:d8:be:50 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:42:55 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPRELEASE(eth1) 192.168.100.119 7c:78:b2:87:84:b4 unknown lease
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) fc:45:c3:01:3a:6e 
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) fc:45:c3:01:3a:6e 
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 17 21:42:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 17 21:43:01 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) fc:45:c3:01:3a:6e 
Apr 17 21:43:01 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 17 21:43:01 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 17 21:43:01 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 18 01:43:02 OpenMPTCProuter daemon.info omr-tracker-v2ray: V2Ray is down (can't contact via http 212.27.48.10, 198.27.92.1, 151.101.129.164)
Apr 17 21:43:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) c8:c9:a3:54:3b:df 
Apr 17 21:43:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:43:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPRELEASE(eth1) 192.168.100.177 2c:aa:8e:bb:0d:cb unknown lease
Apr 17 21:43:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) fc:45:c3:01:3a:6e 
Apr 17 21:43:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 17 21:43:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 17 21:43:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.115 fc:45:c3:01:3a:6e 
Apr 17 21:43:03 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) c8:c9:a3:54:3b:df 
Apr 17 21:43:03 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:43:03 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:43:03 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.110 c8:c9:a3:54:3b:df 
Apr 17 21:43:05 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dscp_cs2_4 Error: No such file or directory
Apr 17 21:43:05 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dscp_cs2_4 Error: No such file or directory
Apr 17 21:43:05 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dscp_cs2_4 Error: No such file or directory
Apr 17 21:43:05 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dscp_cs2_4 Error: No such file or directory
Apr 18 01:43:05 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading
Apr 17 21:43:05 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPRELEASE(eth1) 192.168.100.221 b0:4a:39:59:95:d2 unknown lease
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) 7c:78:b2:87:84:b4 
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.119 7c:78:b2:87:84:b4 
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) 7c:78:b2:87:84:b4 
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.119 7c:78:b2:87:84:b4 
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) 7c:78:b2:87:84:b4 
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.119 7c:78:b2:87:84:b4 
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) 7c:78:b2:87:84:b4 
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.119 7c:78:b2:87:84:b4 
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) 7c:78:b2:87:84:b4 
Apr 17 21:43:09 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.119 7c:78:b2:87:84:b4 
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) b0:4a:39:59:95:d2 
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.221 b0:4a:39:59:95:d2 
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.119 7c:78:b2:87:84:b4 
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.119 7c:78:b2:87:84:b4 HL_PAN2-7C78B28784B4
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.119 7c:78:b2:87:84:b4 
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.119 7c:78:b2:87:84:b4 HL_PAN2-7C78B28784B4
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) b0:4a:39:59:95:d2 
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.221 b0:4a:39:59:95:d2 
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.221 b0:4a:39:59:95:d2 
Apr 17 21:43:13 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.221 b0:4a:39:59:95:d2 roborock-vacuum-a27
Apr 17 21:43:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) 2c:aa:8e:bb:0d:cb 
Apr 17 21:43:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.177 2c:aa:8e:bb:0d:cb 
Apr 17 21:43:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) 2c:aa:8e:bb:0d:cb 
Apr 17 21:43:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.177 2c:aa:8e:bb:0d:cb 
Apr 17 21:43:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.177 2c:aa:8e:bb:0d:cb 
Apr 17 21:43:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.177 2c:aa:8e:bb:0d:cb WYZECP1_JEF-2CAA8EBB0DCB
Apr 17 21:43:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.200 60:e8:5b:7e:89:82 
Apr 17 21:43:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.200 60:e8:5b:7e:89:82 airthings-view
Apr 18 01:43:45 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading
Apr 18 01:43:45 OpenMPTCProuter user.notice omr-bypass: Restart dnsmasq...
Apr 17 21:43:45 OpenMPTCProuter daemon.info dnsmasq[1]: exiting on receipt of SIGTERM
Apr 18 01:43:46 OpenMPTCProuter user.notice omr-bypass: OMR-ByPass is running
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: DNS service limited to local subnets
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack no-ipset nftset auth cryptohash DNSSEC no-ID loop-detect inotify dumpfile
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: UBus support enabled: connected to system bus
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCP, IP range 192.168.100.100 -- 192.168.100.249, lease time 12h
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5353
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for test
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for onion
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for local
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for bind
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for use-application-dns.net
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for lan
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: using 1 more local addresses
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 2 names
Apr 17 21:43:46 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: read /etc/ethers - 0 addresses
Apr 17 21:43:49 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:43:49 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 18 01:43:49 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info: service stopped (unbound 1.19.0).
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info: server stats for thread 0: 675 queries, 251 answers from cache, 424 recursions, 0 prefetch, 0 rejected by ip ratelimiting
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info: server stats for thread 0: requestlist max 56 avg 10.4788 exceeded 0 jostled 0
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info: average recursion processing time 0.723350 sec
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info: histogram of recursion processing times
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info: [25%]=0.194447 median[50%]=0.415278 [75%]=0.735716
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info: lower(secs) upper(secs) recursions
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    0.000000    0.000001 7
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    0.008192    0.016384 1
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    0.032768    0.065536 15
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    0.065536    0.131072 39
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    0.131072    0.262144 91
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    0.262144    0.524288 101
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    0.524288    1.000000 144
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    1.000000    2.000000 15
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    2.000000    4.000000 1
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    4.000000    8.000000 2
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:    8.000000   16.000000 6
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [12482:0] info:   16.000000   32.000000 2
Apr 18 01:43:50 OpenMPTCProuter daemon.notice unbound: [2732:0] notice: init module 0: validator
Apr 18 01:43:50 OpenMPTCProuter daemon.notice unbound: [2732:0] notice: init module 1: iterator
Apr 18 01:43:50 OpenMPTCProuter daemon.info unbound: [2732:0] info: start of service (unbound 1.19.0).
Apr 17 21:43:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.178 d8:a0:11:48:df:d8 
Apr 17 21:43:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.178 d8:a0:11:48:df:d8 wiz_48dfd8
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1360] N: ttyd 1.7.3 (libwebsockets 4.3.2-unknown)
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1362] N: tty configuration:
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1363] N:   start command: /bin/login
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1363] N:   close signal: SIGHUP (1)
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1364] N:   terminal type: xterm-256color
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1483] N:    /usr/lib/libwebsockets-evlib_uv.so
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1485] N: lws_create_context: LWS: 4.3.2-unknown, NET CLI SRV H1 H2 WS ConMon IPV6-off
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1488] N: elops_init_pt_uv:  Using foreign event loop...
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1489] N: __lws_lc_tag:  ++ [wsi|0|pipe] (1)
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1491] N: __lws_lc_tag:  ++ [vh|0|netlink] (1)
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1494] N: __lws_lc_tag:  ++ [vh|1|default|eth1|eth1|7681] (2)
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1507] N: [vh|1|default|eth1|eth1|7681]: lws_socket_bind: source ads 192.168.100.1
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1509] N: __lws_lc_tag:  ++ [wsi|1|listen|default|eth1|7681] (2)
Apr 18 01:43:53 OpenMPTCProuter daemon.notice ttyd[3233]: [2024/04/17 21:43:53:1510] N:  Listening on port: 7681
Apr 18 01:43:54 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading
Apr 18 01:43:54 OpenMPTCProuter daemon.info unbound: [2732:0] info: generate keytag query _ta-4f66. NULL IN
Apr 18 01:43:54 OpenMPTCProuter daemon.info v2ray: DNS disabled: main_dns
Apr 18 01:43:54 OpenMPTCProuter daemon.notice procd: /etc/rc.d/S99v2ray: [info] DNS disabled: main_dns
Apr 18 01:43:54 OpenMPTCProuter daemon.info v2ray: Setting transparent proxy on port: 1897
Apr 18 01:43:54 OpenMPTCProuter daemon.notice procd: /etc/rc.d/S99v2ray: [info] Setting transparent proxy on port: 1897
Apr 18 01:43:54 OpenMPTCProuter daemon.info v2ray: Transparent proxy mode: default
Apr 18 01:43:54 OpenMPTCProuter daemon.notice procd: /etc/rc.d/S99v2ray: [info] Transparent proxy mode: default
Apr 18 01:43:54 OpenMPTCProuter user.notice v2ray: add rules
Apr 18 01:43:55 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading
Apr 18 01:43:56 OpenMPTCProuter user.notice SQM-autorate: Set config for omrvpn
Apr 18 01:43:57 OpenMPTCProuter user.notice NET: hotplug (iface): action='remove' interface='ifb4tun0'
Apr 18 01:43:57 OpenMPTCProuter daemon.info ModemManager[4787]: hotplug: remove network interface ifb4tun0: event processed
Apr 18 01:43:57 OpenMPTCProuter user.notice NET: hotplug (iface): action='add' interface='SQM_IFB_12a32'
Apr 18 01:43:57 OpenMPTCProuter daemon.info ModemManager[4976]: hotplug: add network interface SQM_IFB_12a32: event processed
Apr 18 01:43:57 OpenMPTCProuter user.notice NET: hotplug (iface): action='remove' interface='SQM_IFB_12a32'
Apr 18 01:43:57 OpenMPTCProuter daemon.info ModemManager[5075]: hotplug: remove network interface SQM_IFB_12a32: event processed
Apr 18 01:43:57 OpenMPTCProuter user.notice NET: hotplug (iface): action='add' interface='SQM_IFB_16708'
Apr 18 01:43:57 OpenMPTCProuter daemon.info ModemManager[5132]: hotplug: add network interface SQM_IFB_16708: event processed
Apr 18 01:43:57 OpenMPTCProuter user.notice NET: hotplug (iface): action='remove' interface='SQM_IFB_16708'
Apr 18 01:43:57 OpenMPTCProuter daemon.info ModemManager[5264]: hotplug: remove network interface SQM_IFB_16708: event processed
Apr 18 01:43:57 OpenMPTCProuter user.notice NET: hotplug (iface): action='add' interface='ifb4tun0'
Apr 18 01:43:57 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading
Apr 18 01:43:57 OpenMPTCProuter daemon.info ModemManager[5281]: hotplug: add network interface ifb4tun0: event processed
Apr 18 01:43:58 OpenMPTCProuter user.notice v2ray: Reload omr-bypass rules
Apr 17 21:43:58 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:43:58 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:43:58 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:43:58 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:43:58 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:43:58 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:43:58 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 18 01:43:59 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading
Apr 18 01:44:00 OpenMPTCProuter daemon.info procd: - init complete -
Apr 18 01:44:00 OpenMPTCProuter user.notice omr-schedule-010-services: Can't find omr-bypass rules, restart omr-bypass...
Apr 18 01:44:00 OpenMPTCProuter user.notice omr-bypass: Starting OMR-ByPass...
Apr 18 01:44:01 OpenMPTCProuter daemon.info v2ray[6791]: V2Ray 5.7.0 (V2Fly, a community-driven edition of V2Ray.) OpenWrt (go1.22.0 linux/arm64)
Apr 18 01:44:01 OpenMPTCProuter daemon.info v2ray[6791]: A unified platform for anti-censorship.
Apr 17 21:44:03 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_eth1_4 Error: No such file or directory
Apr 17 21:44:03 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_eth1_4 Error: No such file or directory
Apr 17 21:44:03 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_eth1_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_eth1_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_eth1_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_eth1_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_eth1_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:04 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 18 01:44:06 OpenMPTCProuter daemon.info omr-tracker-v2ray: V2Ray is up (can contact via http 198.27.92.1)
Apr 17 21:44:08 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:10 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:11 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:11 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:11 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:11 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:11 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:12 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:12 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:12 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:12 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:12 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:12 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:12 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:14 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:15 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:15 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:15 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:15 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:15 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:15 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:16 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:17 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:20 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:20 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:20 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:20 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:20 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 18 01:44:28 OpenMPTCProuter authpriv.info dropbear[14323]: Child connection from 192.168.100.172:51096
Apr 18 01:44:30 OpenMPTCProuter authpriv.notice dropbear[14323]: Password auth succeeded for 'root' from 192.168.100.172:51096
Apr 17 21:44:32 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:32 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:34 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_eth1_6 Error: No such file or directory
Apr 17 21:44:43 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:43 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:43 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:43 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:43 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:43 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:43 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:43 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:59 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:59 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:59 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:59 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:59 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:44:59 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:13 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:db:a7:0c:10:04 
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.170 cc:db:a7:0c:10:04 
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:db:a7:0c:10:04 
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.170 cc:db:a7:0c:10:04 
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:db:a7:0c:10:04 
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.170 cc:db:a7:0c:10:04 
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:db:a7:0c:10:04 
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.170 cc:db:a7:0c:10:04 
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.170 cc:db:a7:0c:10:04 
Apr 17 21:45:18 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.170 cc:db:a7:0c:10:04 espressif
Apr 17 21:45:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:18 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:19 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:21 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:22 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:22 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:23 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:23 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:24 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:24 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:25 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:25 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:26 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:26 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:27 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:27 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:27 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:28 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 17 21:45:29 OpenMPTCProuter daemon.err dnsmasq[1]: nftset inet fw4 omr_dst_bypass_all_4 Error: No such file or directory
Apr 18 01:45:30 OpenMPTCProuter daemon.info omr-tracker-v2ray: Reload V2Ray rules
Apr 18 01:45:30 OpenMPTCProuter user.notice firewall.omr-server: Firewall reload, set server part firewall reloading
Apr 18 01:45:31 OpenMPTCProuter user.notice omr-bypass: Restart dnsmasq...
Apr 17 21:45:31 OpenMPTCProuter daemon.info dnsmasq[1]: exiting on receipt of SIGTERM
Apr 18 01:45:32 OpenMPTCProuter user.notice omr-bypass: OMR-ByPass is running
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: DNS service limited to local subnets
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack no-ipset nftset auth cryptohash DNSSEC no-ID loop-detect inotify dumpfile
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: UBus support enabled: connected to system bus
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCP, IP range 192.168.100.100 -- 192.168.100.249, lease time 12h
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5353
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for test
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for onion
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for local
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for bind
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for use-application-dns.net
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using only locally-known addresses for lan
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: using 1 more local addresses
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 2 names
Apr 17 21:45:32 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: read /etc/ethers - 0 addresses
Apr 18 01:45:38 OpenMPTCProuter user.notice omr-schedule-010-services: Set firewall on server vps
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:db:a7:0c:f6:54 
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.120 cc:db:a7:0c:f6:54 
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:db:a7:0c:f6:54 
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.120 cc:db:a7:0c:f6:54 
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:db:a7:0c:f6:54 
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.120 cc:db:a7:0c:f6:54 
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:db:a7:0c:f6:54 
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.120 cc:db:a7:0c:f6:54 
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.120 cc:db:a7:0c:f6:54 
Apr 17 21:45:52 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.120 cc:db:a7:0c:f6:54 espressif
Apr 17 21:45:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.200 60:e8:5b:7e:89:82 
Apr 17 21:45:59 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.200 60:e8:5b:7e:89:82 airthings-view
Apr 17 21:46:47 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) d8:1f:12:96:bb:bc 
Apr 17 21:46:47 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.208 d8:1f:12:96:bb:bc 
Apr 17 21:46:47 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) d8:1f:12:96:bb:bc 
Apr 17 21:46:47 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.208 d8:1f:12:96:bb:bc 
Apr 17 21:46:47 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) d8:1f:12:96:bb:bc 
Apr 17 21:46:47 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.208 d8:1f:12:96:bb:bc 
Apr 17 21:46:47 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.208 d8:1f:12:96:bb:bc 
Apr 17 21:46:47 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.208 d8:1f:12:96:bb:bc TY_WR
Apr 17 21:48:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.200 60:e8:5b:7e:89:82 
Apr 17 21:48:29 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.200 60:e8:5b:7e:89:82 airthings-view
Apr 17 21:48:30 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.200 60:e8:5b:7e:89:82 
Apr 17 21:48:30 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.200 60:e8:5b:7e:89:82 airthings-view
Apr 17 21:49:37 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.200 60:e8:5b:7e:89:82 
Apr 17 21:49:37 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.200 60:e8:5b:7e:89:82 airthings-view
Apr 17 21:50:01 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:50:e3:d8:be:50 
Apr 17 21:50:01 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:50:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:50:02 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.107 cc:50:e3:d8:be:50 
Apr 17 21:50:33 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(eth1) cc:db:a7:0c:10:04 
Apr 17 21:50:33 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPOFFER(eth1) 192.168.100.170 cc:db:a7:0c:10:04 
Apr 17 21:50:33 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(eth1) 192.168.100.170 cc:db:a7:0c:10:04 
Apr 17 21:50:33 OpenMPTCProuter daemon.info dnsmasq-dhcp[1]: DHCPACK(eth1) 192.168.100.170 cc:db:a7:0c:10:04 espressif
root@OpenMPTCProuter:~# uci show omr-bypass
omr-bypass.all=interface
omr-bypass.m6replay=proto
omr-bypass.m6replay.url='m6web.fr' '6play.fr' '6cloud.fr'
omr-bypass.mycanal=proto
omr-bypass.mycanal.url='mycanal.fr' 'canal-plus.com' 'canalplus.com' 'canalplus-cdn.net' 'canalplus.pro' 'canal-plus.net'
omr-bypass.minecraft=proto
omr-bypass.minecraft.url='authserver.mojang.com'
omr-bypass.lesnumeriques=proto
omr-bypass.lesnumeriques.url='lesnumeriques.com' 'botscorner.com' 'app.botscorner.com'
omr-bypass.disneyplus=proto
omr-bypass.disneyplus.url='bamgrid.com' 'disney-plus.net'
omr-bypass.amazonvideo=proto
omr-bypass.amazonvideo.url='cloudfront.net' 'llnw.net'
omr-bypass.free=proto
omr-bypass.free.url='free.fr' 'freebox.fr' 'oqee.tv' 'oqee.net'
omr-bypass.orange=proto
omr-bypass.orange.url='orange.fr' 'sosh.fr' 'liveperson.net' 'liveperson.com' 'lpsn.net' 'lpsnmedia.net' 'francetelecom.fr'
omr-bypass.eth0=interface
omr-bypass.eth0.id='7'
omr-bypass.eth1=interface
omr-bypass.eth1.id='9999'
omr-bypass.eth2=interface
omr-bypass.eth2.id='8'
omr-bypass.eth3=interface
omr-bypass.eth3.id='10'
omr-bypass.tun0=interface
omr-bypass.tun0.id='1500'
omr-bypass.global=global
omr-bypass.global.vpn_ipv4_md5='68b329da9893e34099c7d8ad5cb9c940'
omr-bypass.global.vpn_ipv6_md5='68b329da9893e34099c7d8ad5cb9c940'
omr-bypass.@domains[0]=domains
omr-bypass.@domains[0].name='ifconfig.me'
omr-bypass.@domains[0].note='ifconfig.me'
omr-bypass.@domains[0].family='ipv4ipv6'
omr-bypass.@domains[0].interface='eth1'
omr-bypass.@domains[1]=domains
omr-bypass.@domains[1].name='suncoastcreditunion.com'
omr-bypass.@domains[1].note='suncoastcreditunion.com'
omr-bypass.@domains[1].family='ipv4ipv6'
omr-bypass.@domains[1].interface='eth1'
omr-bypass.@domains[2]=domains
omr-bypass.@domains[2].name='reddit.com'
omr-bypass.@domains[2].note='reddit.com'
omr-bypass.@domains[2].family='ipv4ipv6'
omr-bypass.@domains[2].interface='eth1'
omr-bypass.@dpis[0]=dpis
omr-bypass.@dpis[0].proto='amazonalexa'
omr-bypass.@dpis[0].family='ipv4ipv6'
omr-bypass.@dpis[1]=dpis
omr-bypass.@dpis[1].proto='amazonaws'
omr-bypass.@dpis[1].family='ipv4ipv6'
omr-bypass.@dpis[2]=dpis
omr-bypass.@dpis[2].proto='amazonvideo'
omr-bypass.@dpis[2].family='ipv4ipv6'
omr-bypass.@dpis[3]=dpis
omr-bypass.@dpis[3].proto='cloudflare'
omr-bypass.@dpis[3].family='ipv4ipv6'
omr-bypass.@dpis[4]=dpis
omr-bypass.@dpis[4].proto='cloudflarewarp'
omr-bypass.@dpis[4].family='ipv4ipv6'
omr-bypass.@dpis[5]=dpis
omr-bypass.@dpis[5].proto='hulu'
omr-bypass.@dpis[5].family='ipv4ipv6'
omr-bypass.@dpis[6]=dpis
omr-bypass.@dpis[6].proto='imap'
omr-bypass.@dpis[6].family='ipv4ipv6'
omr-bypass.@dpis[7]=dpis
omr-bypass.@dpis[7].proto='imaps'
omr-bypass.@dpis[7].family='ipv4ipv6'
omr-bypass.@dpis[8]=dpis
omr-bypass.@dpis[8].proto='smtp'
omr-bypass.@dpis[8].family='ipv4ipv6'
omr-bypass.@dpis[9]=dpis
omr-bypass.@dpis[9].proto='smtps'
omr-bypass.@dpis[9].family='ipv4ipv6'
omr-bypass.@dpis[10]=dpis
omr-bypass.@dpis[10].proto='waze'
omr-bypass.@dpis[10].family='ipv4ipv6'
omr-bypass.@domains[3]=domains
omr-bypass.@domains[3].name='ring.com'
omr-bypass.@domains[3].family='ipv4ipv6'
omr-bypass.@domains[4]=domains
omr-bypass.@domains[4].name='kbb.com'
omr-bypass.@domains[4].family='ipv4ipv6'
table ip mangle {
        chain PREROUTING {
                type filter hook prerouting priority mangle; policy accept;
        }

        chain INPUT {
                type filter hook input priority mangle; policy accept;
                counter packets 153636 bytes 219912073 jump omr-bypass-dpi
        }

        chain FORWARD {
                type filter hook forward priority mangle; policy accept;
                counter packets 134009 bytes 121192541 jump omr-bypass-dpi
        }

        chain OUTPUT {
                type route hook output priority mangle; policy accept;
        }

        chain POSTROUTING {
                type filter hook postrouting priority mangle; policy accept;
        }

        chain omr-bypass-dpi {
        }
}
table inet fw4 {
        ct helper amanda {
                type "amanda" protocol udp
                l3proto inet
        }

        ct helper ftp {
                type "ftp" protocol tcp
                l3proto inet
        }

        ct helper RAS {
                type "RAS" protocol udp
                l3proto inet
        }

        ct helper Q.931 {
                type "Q.931" protocol tcp
                l3proto inet
        }

        ct helper irc {
                type "irc" protocol tcp
                l3proto ip
        }

        ct helper pptp {
                type "pptp" protocol tcp
                l3proto ip
        }

        ct helper sip {
                type "sip" protocol udp
                l3proto inet
        }

        ct helper snmp {
                type "snmp" protocol udp
                l3proto ip
        }

        ct helper tftp {
                type "tftp" protocol udp
                l3proto inet
        }

        set omr_dscp_cs0_4 {
                type ipv4_addr
        }

        set omr_dscp_cs1_4 {
                type ipv4_addr
                elements = { 162.125.5.13 }
        }

        set omr_dscp_cs2_4 {
                type ipv4_addr
                elements = { 142.250.114.84, 142.250.217.206,
                             157.240.14.52, 172.217.2.206,
                             172.217.15.194, 172.217.165.195,
                             172.217.165.196, 172.217.165.206,
                             192.178.50.35, 192.178.50.42,
                             192.178.50.65, 216.239.35.0,
                             216.239.35.4, 216.239.35.8,
                             216.239.35.12 }
        }

        set omr_dscp_cs3_4 {
                type ipv4_addr
        }

        set omr_dscp_cs4_4 {
                type ipv4_addr
                elements = { 74.125.7.137, 172.217.131.201,
                             173.194.11.6, 173.194.17.74 }
        }

        set omr_dscp_cs5_4 {
                type ipv4_addr
        }

        set omr_dscp_cs6_4 {
                type ipv4_addr
        }

        set omr_dscp_cs7_4 {
                type ipv4_addr
        }

        set omr_dscp_ef_4 {
                type ipv4_addr
        }

        set bypass_cloudflare {
                type ipv4_addr
                elements = { 103.21.244.0, 103.22.200.0,
                             103.31.4.0, 104.16.0.0,
                             104.24.0.0, 108.162.192.0,
                             131.0.72.0, 141.101.64.0,
                             162.158.0.0, 172.64.0.0,
                             173.245.48.0, 188.114.96.0,
                             190.93.240.0, 197.234.240.0,
                             198.41.128.0 }
        }

        set bypass6_cloudflare {
                type ipv6_addr
        }

        set bypass_hulu {
                type ipv4_addr
                elements = { 8.28.124.0, 199.60.116.0,
                             199.200.48.0, 199.200.50.0,
                             208.91.156.0 }
        }

        set bypass6_hulu {
                type ipv6_addr
        }

        set omr_dst_bypass_eth1_4 {
                type ipv4_addr
                elements = { 34.117.118.44, 104.20.4.74,
                             104.20.5.74, 151.101.1.140,
                             151.101.65.140, 151.101.129.140,
                             151.101.193.140 }
        }

        set omr_dst_bypass_eth1_6 {
                type ipv6_addr
        }

        set omr_dst_bypass_eth0_4 {
                type ipv4_addr
        }

        set omr_dst_bypass_eth0_6 {
                type ipv6_addr
        }

        set omr_dst_bypass_eth2_4 {
                type ipv4_addr
        }

        set omr_dst_bypass_eth2_6 {
                type ipv6_addr
        }

        set omr_dst_bypass_tun0_4 {
                type ipv4_addr
        }

        set omr_dst_bypass_tun0_6 {
                type ipv6_addr
        }

        set omr_dst_bypass_all_4 {
                type ipv4_addr
                elements = { 3.5.3.137, 3.5.3.196,
                             3.5.6.124, 3.5.20.112,
                             3.5.21.131, 3.5.25.55,
                             3.5.25.96, 3.5.25.122,
                             3.5.25.159, 3.5.25.189,
                             3.5.29.48, 3.5.29.86,
                             3.5.29.100, 3.5.29.252,
                             3.21.194.160, 3.22.174.158,
                             3.33.139.32, 3.64.163.50,
                             3.139.120.92, 3.217.147.217,
                             3.221.134.22, 3.223.181.245,
                             5.35.225.239, 13.248.169.48,
                             13.249.202.192, 13.249.205.14,
                             13.249.205.36, 13.249.205.41,
                             13.249.205.52, 13.249.205.58,
                             13.249.205.61, 13.249.205.67,
                             13.249.205.68, 13.249.205.72,
                             13.249.205.84, 13.249.205.88,
                             13.249.205.105, 13.249.205.107,
                             13.249.205.108, 13.249.205.111,
                             13.249.205.113, 13.249.205.119,
                             13.249.205.121, 13.249.205.123,
                             13.249.205.127, 13.249.205.129,
                             15.197.172.60, 16.182.73.97,
                             16.182.101.17, 18.215.42.147,
                             23.56.177.118, 23.208.28.7,
                             23.208.28.30, 23.219.2.69,
                             23.219.2.92, 34.208.16.252,
                             34.209.75.239, 34.209.82.200,
                             34.215.200.167, 34.218.69.33,
                             34.223.8.238, 34.232.152.68,
                             34.240.160.162, 35.81.25.116,
                             35.81.65.4, 35.83.217.175,
                             35.155.65.195, 35.161.88.185,
                             35.164.56.221, 35.164.172.138,
                             35.175.71.102, 44.199.80.228,
                             44.226.184.48, 44.227.65.245,
                             44.227.76.166, 44.230.233.161,
                             44.235.158.178, 44.236.19.246,
                             44.236.135.205, 44.240.223.124,
                             44.241.192.194, 45.119.84.172,
                             45.142.181.68, 46.166.184.102,
                             50.116.16.111, 51.195.193.93,
                             52.4.109.184, 52.5.244.223,
                             52.6.226.122, 52.20.8.94,
                             52.20.143.163, 52.25.35.45,
                             52.34.121.51, 52.35.68.219,
                             52.38.145.87, 52.39.163.104,
                             52.45.33.185, 52.46.130.93,
                             52.46.143.13, 52.46.150.230,
                             52.54.64.44, 52.73.196.88,
                             52.86.30.76, 52.86.71.225,
                             52.89.109.247, 52.94.233.109,
                             52.216.34.185, 52.216.132.211,
                             52.216.178.59, 52.216.208.161,
                             52.216.208.233, 52.216.214.73,
                             52.216.250.4, 52.217.93.92,
                             52.217.117.153, 52.217.120.209,
                             52.217.131.241, 52.217.170.73,
                             52.217.173.217, 52.217.200.17,
                             52.217.224.49, 52.244.161.25,
                             54.68.59.212, 54.69.210.100,
                             54.147.68.112, 54.148.210.104,
                             54.149.100.34, 54.156.177.188,
                             54.160.90.196, 54.167.177.211,
                             54.172.182.103, 54.174.33.232,
                             54.175.226.129, 54.184.44.51,
                             54.187.216.90, 54.190.242.134,
                             54.200.44.33, 54.204.202.253,
                             54.204.206.81, 54.210.231.54,
                             54.218.238.12, 54.231.131.17,
                             54.231.133.153, 54.231.134.209,
                             54.231.163.49, 54.231.167.121,
                             54.231.194.9, 54.231.196.65,
                             54.231.229.9, 54.231.234.25,
                             54.243.248.170, 54.244.26.52,
                             62.122.170.171, 64.70.19.203,
                             64.176.11.190, 72.21.206.80,
                             72.21.210.29, 75.2.85.42,
                             75.2.89.164, 75.2.115.196,
                             76.76.21.98, 76.76.21.142,
                             76.223.54.146, 80.74.131.2,
                             85.159.66.93, 88.198.29.97,
                             90.153.255.235, 92.51.130.89,
                             99.83.182.69, 99.83.196.71,
                             103.11.228.30, 103.63.236.58,
                             104.16.80.230, 104.16.132.229,
                             104.16.133.229, 104.17.24.14,
                             104.17.25.14, 104.17.143.163,
                             104.18.12.17, 104.18.13.17,
                             104.21.5.41, 104.21.7.2,
                             104.21.13.108, 104.21.44.215,
                             104.21.51.222, 104.21.53.52,
                             104.21.53.237, 104.21.54.106,
                             104.21.56.186, 104.21.80.24,
                             104.21.84.116, 104.21.85.231,
                             104.21.92.254, 104.21.95.240,
                             104.86.190.6, 104.86.190.8,
                             104.247.81.11, 104.247.81.50,
                             104.247.81.52, 104.247.81.53,
                             104.247.82.50, 104.247.82.52,
                             110.4.45.235, 120.24.54.115,
                             128.204.136.114, 130.211.9.172,
                             135.181.149.208, 138.68.89.92,
                             138.68.116.54, 142.250.64.138,
                             142.250.64.170, 142.250.189.138,
                             142.250.217.170, 142.250.217.202,
                             142.250.217.234, 142.251.35.234,
                             149.102.146.245, 150.158.143.106,
                             157.7.144.5, 162.255.119.209,
                             162.255.119.253, 172.64.80.1,
                             172.67.132.241, 172.67.135.138,
                             172.67.138.49, 172.67.149.164,
                             172.67.155.74, 172.67.173.86,
                             172.67.188.254, 172.67.191.147,
                             172.67.199.215, 172.67.201.185,
                             172.67.203.237, 172.67.209.33,
                             172.67.211.227, 172.67.220.3,
                             172.217.2.202, 172.217.165.202,
                             178.168.100.125, 185.32.190.4,
                             185.154.54.5, 185.182.56.83,
                             185.206.180.121, 192.178.50.42,
                             192.178.50.74, 192.185.78.242,
                             193.105.159.15, 194.245.148.189,
                             195.49.215.175, 195.201.106.151,
                             199.59.243.225, 199.60.116.108,
                             200.24.14.6, 201.158.32.14,
                             207.171.166.22, 213.108.56.205,
                             213.186.33.5, 217.24.17.51,
                             217.146.69.5 }
        }

        set omr_dst_bypass_all_6 {
                type ipv6_addr
        }

        set v2r_rules_src_bypass {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set v2r_rules6_src_bypass {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set v2r_rules_src_forward {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set v2r_rules6_src_forward {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set v2r_rules_src_checkdst {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set v2r_rules6_src_checkdst {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set v2r_rules_remote_servers {
                type ipv4_addr
                flags interval
                auto-merge
                elements = { 45.61.188.181 }
        }

        set v2r_rules6_remote_servers {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set v2r_rules_dst_bypass {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set v2r_rules6_dst_bypass {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set v2r_rules_dst_bypass_ {
                type ipv4_addr
                flags interval
                auto-merge
                elements = { 0.0.0.0/8, 10.0.0.0/8,
                             100.64.0.0/10, 127.0.0.0/8,
                             169.254.0.0/16, 172.16.0.0/12,
                             192.0.0.0/24, 192.0.2.0/24,
                             192.31.196.0/24, 192.52.193.0/24,
                             192.88.99.0/24, 192.168.0.0/16,
                             192.175.48.0/24, 198.18.0.0/15,
                             198.51.100.0/24, 203.0.113.0/24,
                             224.0.0.0/3 }
        }

        set v2r_rules6_dst_bypass_ {
                type ipv6_addr
                flags interval
                auto-merge
                elements = { ::/127,
                             ::ffff:0.0.0.0/96,
                             64:ff9b:1::/48,
                             100::/64,
                             2001::/23,
                             fc00::/7,
                             fe80::/10 }
        }

        set v2r_rules_dst_forward {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set v2r_rules6_dst_forward {
                type ipv6_addr
                flags interval
                auto-merge
        }

        set v2r_rules_dst_forward_rrst_ {
                type ipv4_addr
                flags interval
                auto-merge
        }

        set v2r_rules6_dst_forward_rrst_ {
                type ipv6_addr
                flags interval
                auto-merge
        }

        chain v2r_rules_pre_tcp {
                type nat hook prerouting priority filter + 1; policy accept;
                meta mark 0x00004539 accept
                ip daddr @omr_dst_bypass_all_4 accept
                meta mark 0x45391500 accept
                ip daddr @omr_dst_bypass_tun0_4 accept
                meta mark 0x00045398 accept
                ip daddr @omr_dst_bypass_eth2_4 accept
                meta mark 0x00045397 accept
                ip daddr @omr_dst_bypass_eth0_4 accept
                meta mark 0x45399999 accept
                ip daddr @omr_dst_bypass_eth1_4 accept
                meta mark 0x00004539 accept
                ip daddr @omr_dst_bypass_all_4 accept
                meta mark 0x45391500 accept
                ip daddr @omr_dst_bypass_tun0_4 accept
                meta mark 0x00045398 accept
                ip daddr @omr_dst_bypass_eth2_4 accept
                meta mark 0x00045397 accept
                ip daddr @omr_dst_bypass_eth0_4 accept
                meta mark 0x45399999 accept
                ip daddr @omr_dst_bypass_eth1_4 accept
                meta l4proto tcp goto v2r_rules_pre_src_tcp
        }

        chain v2r_rules_pre_src_tcp {
                ip daddr @v2r_rules_dst_bypass_ accept
                ip6 daddr @v2r_rules6_dst_bypass_ accept
                goto v2r_rules_src_tcp
        }

        chain v2r_rules_src_tcp {
                ip saddr @v2r_rules_src_bypass accept
                ip saddr @v2r_rules_src_forward goto v2r_rules_forward_tcp
                ip saddr @v2r_rules_src_checkdst goto v2r_rules_dst_tcp
                ip6 saddr @v2r_rules6_src_bypass accept
                ip6 saddr @v2r_rules6_src_forward goto v2r_rules_forward_tcp
                ip6 saddr @v2r_rules6_src_checkdst goto v2r_rules_dst_tcp
                goto v2r_rules_dst_tcp
        }

        chain v2r_rules_dst_tcp {
                ip daddr @v2r_rules_dst_bypass accept
                ip daddr @v2r_rules_remote_servers accept
                ip daddr @v2r_rules_dst_forward goto v2r_rules_forward_tcp
                ip6 daddr @v2r_rules6_dst_bypass accept
                ip6 daddr @v2r_rules6_remote_servers accept
                ip6 daddr @v2r_rules6_dst_forward goto v2r_rules_forward_tcp
                goto v2r_rules_forward_tcp
        }

        chain v2r_rules_forward_tcp {
                meta l4proto tcp redirect to :1897
        }

        chain v2r_rules_local_out {
                type nat hook output priority filter - 1; policy accept;
                meta mark 0x00004539 accept
                ip daddr @omr_dst_bypass_all_4 accept
                meta mark 0x45391500 accept
                ip daddr @omr_dst_bypass_tun0_4 accept
                meta mark 0x00045398 accept
                ip daddr @omr_dst_bypass_eth2_4 accept
                meta mark 0x00045397 accept
                ip daddr @omr_dst_bypass_eth0_4 accept
                meta mark 0x45399999 accept
                ip daddr @omr_dst_bypass_eth1_4 accept
                meta mark 0x00004539 accept
                ip daddr @omr_dst_bypass_all_4 accept
                meta mark 0x45391500 accept
                ip daddr @omr_dst_bypass_tun0_4 accept
                meta mark 0x00045398 accept
                ip daddr @omr_dst_bypass_eth2_4 accept
                meta mark 0x00045397 accept
                ip daddr @omr_dst_bypass_eth0_4 accept
                meta mark 0x45399999 accept
                ip daddr @omr_dst_bypass_eth1_4 accept
                meta l4proto != tcp accept
                ip daddr @v2r_rules_remote_servers accept
                ip daddr @v2r_rules_dst_bypass_ accept
                ip daddr @v2r_rules_dst_bypass accept
                ip6 daddr @v2r_rules6_remote_servers accept
                ip6 daddr @v2r_rules6_dst_bypass_ accept
                ip6 daddr @v2r_rules6_dst_bypass accept
                goto v2r_rules_forward_tcp
        }

        chain input {
                type filter hook input priority filter; policy drop;
                iif "lo" accept comment "!fw4: Accept traffic from loopback"
                ct state vmap { established : accept, related : accept } comment "!fw4: Handle inbound flows"
                tcp flags syn / fin,syn,rst,ack jump syn_flood comment "!fw4: Rate limit TCP syn packets"
                iifname "eth1" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic"
                iifname { "eth0", "eth2" } jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic"
                iifname "tun0" jump input_vpn comment "!fw4: Handle vpn IPv4/IPv6 input traffic"
                jump handle_reject
        }

        chain forward {
                type filter hook forward priority filter; policy drop;
                ct state vmap { established : accept, related : accept } comment "!fw4: Handle forwarded flows"
                icmp type echo-request limit rate 1000/second burst 5 packets counter packets 109 bytes 8988 accept comment "!fw4: Allow-All-Ping"
                icmpv6 type echo-request limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-All-Ping"
                udp dport 443 counter packets 0 bytes 0 drop comment "!fw4: Block QUIC All"
                iifname "eth1" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic"
                iifname { "eth0", "eth2" } jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic"
                iifname "tun0" jump forward_vpn comment "!fw4: Handle vpn IPv4/IPv6 forward traffic"
                jump upnp_forward comment "Hook into miniupnpd forwarding chain"
                jump handle_reject
        }

        chain output {
                type filter hook output priority filter; policy drop;
                oif "lo" accept comment "!fw4: Accept traffic towards loopback"
                ct state vmap { established : accept, related : accept } comment "!fw4: Handle outbound flows"
                oifname "eth1" jump output_lan comment "!fw4: Handle lan IPv4/IPv6 output traffic"
                oifname { "eth0", "eth2" } jump output_wan comment "!fw4: Handle wan IPv4/IPv6 output traffic"
                oifname "tun0" jump output_vpn comment "!fw4: Handle vpn IPv4/IPv6 output traffic"
                jump handle_reject
        }

        chain prerouting {
                type filter hook prerouting priority filter; policy accept;
                icmp type echo-request limit rate 1000/second burst 5 packets counter packets 124 bytes 9408 accept comment "!fw4: Allow-All-Ping"
                icmpv6 type echo-request limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-All-Ping"
                udp dport 443 counter packets 708 bytes 837135 drop comment "!fw4: Block QUIC All"
                counter packets 134730 bytes 149627790 jump accept_to_vpn comment "!fw4: Allow-All-LAN-to-VPN"
                counter packets 134730 bytes 149627790 jump accept_to_wan comment "!fw4: Allow-Lan-to-Wan"
                jump accept_to_wan comment "!fw4: Accept lan to wan forwarding"
                jump accept_to_vpn comment "!fw4: Accept lan to vpn forwarding"
                iifname "eth1" jump helper_lan comment "!fw4: Handle lan IPv4/IPv6 helper assignment"
                icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
                icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, parameter-problem . admin-prohibited } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
                meta l4proto esp counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-IPSec-ESP"
                udp dport 500 counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-ISAKMP"
        }

        chain handle_reject {
                meta l4proto tcp reject with tcp reset comment "!fw4: Reject TCP traffic"
                reject comment "!fw4: Reject any other traffic"
        }

        chain syn_flood {
                limit rate 25/second burst 50 packets return comment "!fw4: Accept SYN packets below rate-limit"
                drop comment "!fw4: Drop excess packets"
        }

        chain input_lan {
                icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply, nd-router-solicit, nd-router-advert } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: ICMPv6-Lan-to-OMR"
                udp dport 443 counter packets 0 bytes 0 drop comment "!fw4: Block QUIC Proxy"
                ct status dnat accept comment "!fw4: Accept port redirections"
                jump accept_from_lan
        }

        chain output_lan {
                jump accept_to_lan
        }

        chain forward_lan {
                counter packets 478 bytes 37268 jump accept_to_vpn comment "!fw4: Allow-All-LAN-to-VPN"
                counter packets 21 bytes 1224 jump accept_to_wan comment "!fw4: Allow-Lan-to-Wan"
                jump accept_to_wan comment "!fw4: Accept lan to wan forwarding"
                jump accept_to_vpn comment "!fw4: Accept lan to vpn forwarding"
                ct status dnat accept comment "!fw4: Accept port forwards"
                jump accept_to_lan
        }

        chain helper_lan {
                udp dport 10080 ct helper set "amanda" comment "!fw4: Amanda backup and archiving proto"
                tcp dport 21 ct helper set "ftp" comment "!fw4: FTP passive connection tracking"
                udp dport 1719 ct helper set "RAS" comment "!fw4: RAS proto tracking"
                tcp dport 1720 ct helper set "Q.931" comment "!fw4: Q.931 proto tracking"
                meta nfproto ipv4 tcp dport 6667 ct helper set "irc" comment "!fw4: IRC DCC connection tracking"
                meta nfproto ipv4 tcp dport 1723 ct helper set "pptp" comment "!fw4: PPTP VPN connection tracking"
                udp dport 5060 ct helper set "sip" comment "!fw4: SIP VoIP connection tracking"
                meta nfproto ipv4 udp dport 161 ct helper set "snmp" comment "!fw4: SNMP monitoring connection tracking"
                udp dport 69 ct helper set "tftp" comment "!fw4: TFTP connection tracking"
        }

        chain accept_from_lan {
                iifname "eth1" counter packets 1851 bytes 254587 accept comment "!fw4: accept lan IPv4/IPv6 traffic"
        }

        chain accept_to_lan {
                oifname "eth1" counter packets 23 bytes 5875 accept comment "!fw4: accept lan IPv4/IPv6 traffic"
        }

        chain input_wan {
                meta nfproto ipv4 udp dport 68 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCP-Renew"
                icmp type echo-request counter packets 0 bytes 0 accept comment "!fw4: Allow-Ping"
                meta nfproto ipv4 meta l4proto igmp counter packets 4 bytes 128 accept comment "!fw4: Allow-IGMP"
                meta nfproto ipv6 udp dport 546 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCPv6"
                ip6 saddr fe80::/10 icmpv6 type . icmpv6 code { mld-listener-query . no-route, mld-listener-report . no-route, mld-listener-done . no-route, mld2-listener-report . no-route } counter packets 0 bytes 0 accept comment "!fw4: Allow-MLD"
                icmpv6 type { nd-router-solicit, nd-router-advert } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow IPv6 ICMP"
                icmpv6 type . icmpv6 code { nd-neighbor-solicit . no-route, nd-neighbor-advert . no-route } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow IPv6 ICMP"
                meta nfproto ipv6 udp sport 546 udp dport 547 counter packets 0 bytes 0 accept comment "!fw4: Allow DHCPv6 (546-to-547)"
                meta nfproto ipv6 udp sport 547 udp dport 546 counter packets 0 bytes 0 accept comment "!fw4: Allow DHCPv6 (547-to-546)"
                ct status dnat accept comment "!fw4: Accept port redirections"
                jump reject_from_wan
        }

        chain output_wan {
                jump accept_to_wan
        }

        chain forward_wan {
                icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
                icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, parameter-problem . admin-prohibited } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward"
                meta l4proto esp counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-IPSec-ESP"
                udp dport 500 counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-ISAKMP"
                ct status dnat accept comment "!fw4: Accept port forwards"
                jump reject_to_wan
        }

        chain accept_to_wan {
                meta nfproto ipv4 oifname { "eth0", "eth2" } ct state invalid counter packets 6 bytes 384 drop comment "!fw4: Prevent NAT leakage"
                oifname { "eth0", "eth2" } counter packets 2684 bytes 194176 accept comment "!fw4: accept wan IPv4/IPv6 traffic"
        }

        chain reject_from_wan {
                iifname { "eth0", "eth2" } counter packets 7 bytes 866 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
        }

        chain reject_to_wan {
                oifname { "eth0", "eth2" } counter packets 0 bytes 0 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
        }

        chain input_vpn {
                meta l4proto { icmp, ipv6-icmp } counter packets 0 bytes 0 accept comment "!fw4: Allow-VPN-ICMP"
                ct status dnat accept comment "!fw4: Accept port redirections"
                jump reject_from_vpn
        }

        chain output_vpn {
                jump accept_to_vpn
        }

        chain forward_vpn {
                ct status dnat accept comment "!fw4: Accept port forwards"
                jump accept_to_vpn
        }

        chain accept_to_vpn {
                meta nfproto ipv4 oifname "tun0" ct state invalid counter packets 5 bytes 558 drop comment "!fw4: Prevent NAT leakage"
                oifname "tun0" counter packets 1575 bytes 129470 accept comment "!fw4: accept vpn IPv4/IPv6 traffic"
        }

        chain reject_from_vpn {
                iifname "tun0" counter packets 3 bytes 232 jump handle_reject comment "!fw4: reject vpn IPv4/IPv6 traffic"
        }

        chain dstnat {
                type nat hook prerouting priority dstnat; policy accept;
                jump upnp_prerouting comment "Hook into miniupnpd prerouting chain"
        }

        chain srcnat {
                type nat hook postrouting priority srcnat; policy accept;
                oifname { "eth0", "eth2" } jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic"
                oifname "tun0" jump srcnat_vpn comment "!fw4: Handle vpn IPv4/IPv6 srcnat traffic"
                jump upnp_postrouting comment "Hook into miniupnpd postrouting chain"
        }

        chain srcnat_wan {
                meta nfproto ipv4 masquerade comment "!fw4: Masquerade IPv4 wan traffic"
        }

        chain srcnat_vpn {
                meta nfproto ipv4 masquerade comment "!fw4: Masquerade IPv4 vpn traffic"
        }

        chain raw_prerouting {
                type filter hook prerouting priority raw; policy accept;
        }

        chain raw_output {
                type filter hook output priority raw; policy accept;
        }

        chain mangle_prerouting {
                type filter hook prerouting priority mangle; policy accept;
                meta l4proto tcp iifname "eth1" ip daddr @omr_dscp_cs0_4 counter packets 0 bytes 0 ip dscp set cs0 comment "!fw4: omr_dscp_cs0_4"
                meta l4proto udp iifname "eth1" ip daddr @omr_dscp_cs0_4 counter packets 0 bytes 0 ip dscp set cs0 comment "!fw4: omr_dscp_cs0_4"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dscp_cs1_4 counter packets 11 bytes 1769 ip dscp set cs1 comment "!fw4: omr_dscp_cs1_4"
                meta l4proto udp iifname "eth1" ip daddr @omr_dscp_cs1_4 counter packets 0 bytes 0 ip dscp set cs1 comment "!fw4: omr_dscp_cs1_4"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dscp_cs2_4 counter packets 864 bytes 199821 ip dscp set cs2 comment "!fw4: omr_dscp_cs2_4"
                meta l4proto udp iifname "eth1" ip daddr @omr_dscp_cs2_4 counter packets 147 bytes 171846 ip dscp set cs2 comment "!fw4: omr_dscp_cs2_4"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dscp_cs3_4 counter packets 0 bytes 0 ip dscp set cs3 comment "!fw4: omr_dscp_cs3_4"
                meta l4proto udp iifname "eth1" ip daddr @omr_dscp_cs3_4 counter packets 0 bytes 0 ip dscp set cs3 comment "!fw4: omr_dscp_cs3_4"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dscp_cs4_4 counter packets 25180 bytes 1561737 ip dscp set cs4 comment "!fw4: omr_dscp_cs4_4"
                meta l4proto udp iifname "eth1" ip daddr @omr_dscp_cs4_4 counter packets 36 bytes 41892 ip dscp set cs4 comment "!fw4: omr_dscp_cs4_4"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dscp_cs5_4 counter packets 0 bytes 0 ip dscp set cs5 comment "!fw4: omr_dscp_cs5_4"
                meta l4proto udp iifname "eth1" ip daddr @omr_dscp_cs5_4 counter packets 0 bytes 0 ip dscp set cs5 comment "!fw4: omr_dscp_cs5_4"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dscp_cs6_4 counter packets 0 bytes 0 ip dscp set cs6 comment "!fw4: omr_dscp_cs6_4"
                meta l4proto udp iifname "eth1" ip daddr @omr_dscp_cs6_4 counter packets 0 bytes 0 ip dscp set cs6 comment "!fw4: omr_dscp_cs6_4"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dscp_cs7_4 counter packets 0 bytes 0 ip dscp set cs7 comment "!fw4: omr_dscp_cs7_4"
                meta l4proto udp iifname "eth1" ip daddr @omr_dscp_cs7_4 counter packets 0 bytes 0 ip dscp set cs7 comment "!fw4: omr_dscp_cs7_4"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dscp_ef_4 counter packets 0 bytes 0 ip dscp set ef comment "!fw4: omr_dscp_ef_4"
                meta l4proto udp iifname "eth1" ip daddr @omr_dscp_ef_4 counter packets 0 bytes 0 ip dscp set ef comment "!fw4: omr_dscp_ef_4"
                meta l4proto tcp iifname "eth1" ip daddr @bypass_hulu counter packets 0 bytes 0 meta mark set 0x00004539 comment "!fw4: bypass_"
                meta l4proto udp iifname "eth1" ip daddr @bypass_hulu counter packets 0 bytes 0 meta mark set 0x00004539 comment "!fw4: bypass_"
                meta l4proto tcp iifname "eth1" ip6 daddr @bypass6_hulu counter packets 0 bytes 0 meta mark set 0x00006539 comment "!fw4: bypass6_"
                meta l4proto udp iifname "eth1" ip6 daddr @bypass6_hulu counter packets 0 bytes 0 meta mark set 0x00006539 comment "!fw4: bypass6_"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dst_bypass_eth1_4 counter packets 0 bytes 0 meta mark set 0x45399999 comment "!fw4: omr_dst_bypass_eth1_rule"
                meta l4proto udp iifname "eth1" ip daddr @omr_dst_bypass_eth1_4 counter packets 0 bytes 0 meta mark set 0x45399999 comment "!fw4: omr_dst_bypass_eth1_rule"
                meta l4proto tcp iifname "eth1" ip daddr @omr_dst_bypass_all_4 counter packets 640 bytes 60984 meta mark set 0x00004539 comment "!fw4: omr_dst_bypass_all_rule"
                meta l4proto udp iifname "eth1" ip daddr @omr_dst_bypass_all_4 counter packets 10 bytes 12780 meta mark set 0x00004539 comment "!fw4: omr_dst_bypass_all_rule"
        }

        chain mangle_postrouting {
                type filter hook postrouting priority mangle; policy accept;
                oifname "eth1" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone lan IPv4/IPv6 egress MTU fixing"
                oifname { "eth0", "eth2" } tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 egress MTU fixing"
                oifname "tun0" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone vpn IPv4/IPv6 egress MTU fixing"
        }

        chain mangle_input {
                type filter hook input priority mangle; policy accept;
                meta l4proto icmp iifname "eth1" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 counter packets 33 bytes 1920 ip dscp set cs7 comment "!fw4: omr_dscp_rule1"
                iifname "eth1" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 udp sport { 53, 123, 5353 } udp dport 0-65535 counter packets 0 bytes 0 ip dscp set cs4 comment "!fw4: omr_dscp_rule2"
                iifname "eth1" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 tcp sport { 53, 5353 } tcp dport 0-65535 counter packets 0 bytes 0 ip dscp set cs4 comment "!fw4: omr_dscp_rule3"
                iifname "eth1" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 tcp sport 0-65535 tcp dport 65500 counter packets 0 bytes 0 ip dscp set cs4 comment "!fw4: omr_dscp_rule4"
                iifname "eth1" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 tcp sport 0-65535 tcp dport { 65001, 65011, 65301, 65401 } counter packets 0 bytes 0 ip dscp set cs7 comment "!fw4: omr_dscp_rule5"
                iifname "eth1" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 udp sport 0-65535 udp dport { 65001, 65301 } counter packets 0 bytes 0 ip dscp set cs7 comment "!fw4: omr_dscp_rule6"
                iifname "eth1" ip saddr 0.0.0.0/0 ip daddr 0.0.0.0/0 tcp sport 0-65535 tcp dport { 65101, 65228 } counter packets 0 bytes 0 ip dscp set cs6 comment "!fw4: omr_dscp_rule7"
        }

        chain mangle_output {
                type route hook output priority mangle; policy accept;
        }

        chain mangle_forward {
                type filter hook forward priority mangle; policy accept;
                iifname "eth1" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone lan IPv4/IPv6 ingress MTU fixing"
                iifname { "eth0", "eth2" } tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 ingress MTU fixing"
                iifname "tun0" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone vpn IPv4/IPv6 ingress MTU fixing"
        }

        chain upnp_forward {
        }

        chain upnp_prerouting {
        }

        chain upnp_postrouting {
        }
}
github-actions[bot] commented 3 months ago

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days