It worked for me (using dd-wrt on Netgear R7000 via a Canadian ISP and IPVanish). This is true of streaming on my PC and wireless connections to the router from a PS3 and Smart TV.
Glad it worked for you! Happy to help.
Cerebus99 wrote:
For some reason though my mobile phone still gets the proxy error.
You may need to add a server or two to the list. You can use tcpdump while logged in to the R7000 via Telnet to watch the traffic. "tcpdump -i eth1" or "tcpdump -i eth2" most likely
Cerebus99 wrote:
In general I am not happy that Netflix has prompted me to reduce my overall internet security but I am very happy to have found this work around.
I'm pissed at Netflix about this. As a US Subscriber using a VPN Proxy in the US I don't understand why they feel the need to block legitmate users.
Joined: 03 Mar 2016 Posts: 22 Location: Austin, TX
Posted: Tue Mar 15, 2016 22:48 Post subject:
This is awesome! Thanks dahosepipe and eibgrad for putting this together. I've put it in and it think it's working for me.
But a question... I noticed that you have whatismyip.org as one that should bypass the VPN. But when I check it out, it's returning my VPN's IP address. Why is that?
Edit: The other odd thing I've noticed is that speedtest.net still picks up my local IP address. It wasn't doing that before I put this change in. _________________ WRT1900ACS with DD-WRT v3.0-r29300M kongmv (03/25/16)
Last edited by flop_shot on Tue Mar 15, 2016 22:51; edited 1 time in total
But a question... I noticed that you have whatismyip.org as one that should bypass the VPN. But when I check it out, it's returning my VPN's IP address. Why is that?
whatismyip.org should return your ISPs IP (not your VPNs) if things are working correctly.
Joined: 03 Mar 2016 Posts: 22 Location: Austin, TX
Posted: Tue Mar 15, 2016 23:19 Post subject:
dahosepipe wrote:
flop_shot wrote:
But a question... I noticed that you have whatismyip.org as one that should bypass the VPN. But when I check it out, it's returning my VPN's IP address. Why is that?
whatismyip.org should return your ISPs IP (not your VPNs) if things are working correctly.
when I do a lookup I get whatismyip.org -> 45.56.96.24
But when I check the routing table (route -n) I don't see that IP listed. _________________ WRT1900ACS with DD-WRT v3.0-r29300M kongmv (03/25/16)
Joined: 03 Mar 2016 Posts: 22 Location: Austin, TX
Posted: Wed Mar 16, 2016 0:38 Post subject:
dahosepipe wrote:
Notice that whatismyip.org and whatsmyip.org are two different sites.
Damn! Sorry. I'll just be going now. But I will enjoy the new setup very much. Thank you! _________________ WRT1900ACS with DD-WRT v3.0-r29300M kongmv (03/25/16)
# dd-wrt selective domain routing
WAN_GW="$(nvram get wan_gateway)"
# list domains for selective routing
for domain in \
"netflix.com" \
"ichnaea.netflix.com" \
"movies.netflix.com" \
"www.netflix.com" \
"nflxext.com" \
"cdn1.nflxext.com" \
"nflximg.com" \
"nflxvideo.net" \
"ipv4_1.cxl0.c145.sjc002.ix.nflxvideo.net" \
"amazonaws.com" \
"whatsmyip.org"
do
# extract ip addresses
for ip in $(nslookup $domain | awk '/^Name:/,0{if (/^Addr/)print $3}'); do
# add class c route for each ip address to wan gateway
ip route add `echo $ip | cut -d . -f 1,2`.0.0/16 via $WAN_GW
done
done
# flush cache
ip route flush cache
EOF
chmod +x $SCRIPT
sleep 60
$SCRIPT
In "Commands" on mine dd-wrt r7000 router, pressed "save startup" and rebooted the router, but still netflix is blocked and whatsmyip.org gives VPN IP.
what am i forgetting?
Now it works again...sort of. It streams fine on the PC but not the PS3. Checked tcpdump again while PS3 was connected and there were several more similar lines. I am worried this will be an endless process of adding more lines/rebooting/testing.
Can wildcards be used for these entries? Perhaps:
"*.dev.ix.nflxvideo.net" \
Does the script work with "routing policy"? because i only get the VPN to work when i enable "routing policy".
If i do nog set it, no data goes thru the VPN (VPN is connected)
Oke first things first, i cant get to run the VPN without setting a "routing policy". at this moment i have not configed the script and things.
Without a routing policy al traffic goes directly to isp (Ip chicken gives normal IP)
When setting a routing policy that IP goes thru the VPN (Ip chicken gives VPN ip) so the VPN works, so it looks like a missed config option?
The log shows the following:
Code:
Mar 18 19:40:28 unknown daemon.info dnsmasq-dhcp[1080]: DHCPREQUEST(br0) 192.168.0.100 00:04:20:eb:e1:6c
Mar 18 19:40:28 unknown daemon.info dnsmasq-dhcp[1080]: DHCPACK(br0) 192.168.0.100 00:04:20:eb:e1:6c HarmonyHub_beneden
Mar 18 19:40:28 unknown kern.info kernel: tun: Universal TUN/TAP device driver, 1.6
Mar 18 19:40:28 unknown kern.info kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Mar 18 19:40:29 unknown daemon.err apcupsd[888]: apcupsd FATAL ERROR in linux-usb.c at line 609 Cannot find UPS device -- For a link to detailed USB trouble shooting information, please see <http://www.apcupsd.com/support.html>.
Mar 18 19:40:29 unknown daemon.err apcupsd[888]: apcupsd error shutdown completed
Mar 18 19:40:29 unknown daemon.notice openvpn[1451]: OpenVPN 2.3.10 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Mar 7 2016
Mar 18 19:40:29 unknown daemon.notice openvpn[1451]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.09
Mar 18 19:40:29 unknown daemon.warn openvpn[1454]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mar 18 19:40:29 unknown daemon.warn openvpn[1454]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 18 19:40:29 unknown daemon.notice openvpn[1454]: UDPv4 link local: [undef]
Mar 18 19:40:29 unknown daemon.notice openvpn[1454]: UDPv4 link remote: [AF_INET]104.238.169.147:1194
Mar 18 19:40:29 unknown daemon.warn openvpn[1454]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mar 18 19:40:30 unknown daemon.notice openvpn[1454]: [Private Internet Access] Peer Connection Initiated with [AF_INET]104.238.169.147:1194
Mar 18 19:40:30 unknown user.notice root: vpnrouting: clean-up
Mar 18 19:40:30 unknown daemon.info dnsmasq-dhcp[1080]: DHCPREQUEST(br0) 192.168.0.127 7c:5c:f8:48:8c:03
Mar 18 19:40:30 unknown daemon.info dnsmasq-dhcp[1080]: DHCPACK(br0) 192.168.0.127 7c:5c:f8:48:8c:03 test
Mar 18 19:40:32 unknown daemon.err openvpn[1454]: Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
Mar 18 19:40:32 unknown daemon.err openvpn[1454]: Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
Mar 18 19:40:32 unknown daemon.err openvpn[1454]: Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
Mar 18 19:40:32 unknown daemon.err openvpn[1454]: Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
Mar 18 19:40:32 unknown daemon.notice openvpn[1454]: TUN/TAP device tun11 opened
Mar 18 19:40:32 unknown daemon.notice openvpn[1454]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mar 18 19:40:32 unknown daemon.notice openvpn[1454]: /sbin/ifconfig tun11 10.188.1.6 pointopoint 10.188.1.5 mtu 1500
Mar 18 19:40:32 unknown daemon.notice openvpn[1454]: updown.sh tun11 1500 1542 10.188.1.6 10.188.1.5 init
Mar 18 19:40:32 unknown daemon.notice openvpn[1454]: Initialization Sequence Completed
Mar 18 19:41:09 unknown daemon.info dnsmasq-dhcp[1080]: DHCPREQUEST(br0) 192.168.0.116 44:4c:0c:c0:90:32
Mar 18 19:41:09 unknown daemon.info dnsmasq-dhcp[1080]: DHCPACK(br0) 192.168.0.116 44:4c:0c:c0:90:32 Iphone
Mar 18 19:41:13 unknown daemon.info dnsmasq-dhcp[1080]: DHCPDISCOVER(br0) 00:18:dd:41:01:0c
Mar 18 19:41:13 unknown daemon.info dnsmasq-dhcp[1080]: DHCPOFFER(br0) 192.168.0.102 00:18:dd:41:01:0c
Mar 18 19:41:13 unknown daemon.info dnsmasq-dhcp[1080]: DHCPREQUEST(br0) 192.168.0.102 00:18:dd:41:01:0c
Mar 18 19:41:13 unknown daemon.info dnsmasq-dhcp[1080]: DHCPACK(br0) 192.168.0.102 00:18:dd:41:01:0c HDhomerun
Mar 18 19:41:13 unknown cron.err crond[1034]: time disparity of 24305441 minutes detected
Mar 18 20:18:11 unknown daemon.err openvpn[4169]: event_wait : Interrupted system call (code=4)
Mar 18 20:18:11 unknown daemon.notice openvpn[4169]: /sbin/ifconfig tun11 0.0.0.0
Mar 18 20:18:11 unknown daemon.notice openvpn[4169]: updown.sh tun11 1500 1542 10.180.1.6 10.180.1.5 init
Mar 18 20:18:11 unknown daemon.notice openvpn[4169]: SIGTERM[hard,] received, process exiting
Mar 18 20:18:12 unknown kern.info kernel: tun: Universal TUN/TAP device driver, 1.6
Mar 18 20:18:12 unknown kern.info kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Mar 18 20:18:12 unknown daemon.notice openvpn[4669]: OpenVPN 2.3.10 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Mar 7 2016
Mar 18 20:18:12 unknown daemon.notice openvpn[4669]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.09
Mar 18 20:18:12 unknown daemon.warn openvpn[4672]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mar 18 20:18:12 unknown daemon.warn openvpn[4672]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 18 20:18:12 unknown daemon.notice openvpn[4672]: UDPv4 link local: [undef]
Mar 18 20:18:12 unknown daemon.notice openvpn[4672]: UDPv4 link remote: [AF_INET]104.207.136.31:1194
Mar 18 20:18:12 unknown daemon.warn openvpn[4672]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mar 18 20:18:12 unknown user.notice root: vpnrouting: clean-up
Mar 18 20:18:12 unknown daemon.notice openvpn[4672]: [Private Internet Access] Peer Connection Initiated with [AF_INET]104.207.136.31:1194
Mar 18 20:18:13 unknown user.notice root: vpnrouting: clean-up
Mar 18 20:18:15 unknown daemon.err openvpn[4672]: Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
Mar 18 20:18:15 unknown daemon.err openvpn[4672]: Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
Mar 18 20:18:15 unknown daemon.err openvpn[4672]: Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
Mar 18 20:18:15 unknown daemon.err openvpn[4672]: Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
Mar 18 20:18:15 unknown daemon.notice openvpn[4672]: TUN/TAP device tun11 opened
Mar 18 20:18:15 unknown daemon.notice openvpn[4672]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mar 18 20:18:15 unknown daemon.notice openvpn[4672]: /sbin/ifconfig tun11 10.120.1.6 pointopoint 10.120.1.5 mtu 1500
Mar 18 20:18:15 unknown daemon.notice openvpn[4672]: updown.sh tun11 1500 1542 10.120.1.6 10.120.1.5 init
Mar 18 20:18:15 unknown daemon.notice openvpn[4672]: Initialization Sequence Completed
Mar 18 20:18:19 unknown daemon.err openvpn[4672]: event_wait : Interrupted system call (code=4)
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: OpenVPN STATISTICS
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: Updated,Fri Mar 18 20:18:19 2016
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: TUN/TAP read bytes,0
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: TUN/TAP write bytes,0
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: TCP/UDP read bytes,3890
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: TCP/UDP write bytes,1271
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: Auth read bytes,0
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: pre-compress bytes,0
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: post-compress bytes,0
Mar 18 20:18:19 unknown daemon.notice openvpn[4672]: pre-decompress bytes,0
Mar 18 20:18:20 unknown daemon.err openvpn[4672]: event_wait : Interrupted system call (code=4)
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: OpenVPN STATISTICS
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: Updated,Fri Mar 18 20:18:20 2016
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: TUN/TAP read bytes,0
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: TUN/TAP write bytes,0
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: TCP/UDP read bytes,3890
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: TCP/UDP write bytes,1271
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: Auth read bytes,0
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: pre-compress bytes,0
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: post-compress bytes,0
Mar 18 20:18:20 unknown daemon.notice openvpn[4672]: pre-decompress bytes,0