The following question has a long description. I hope someone in a similar position finds it helpful. Please be patient. My problem is at the end.
First of all, I have the following setup at home:
--MODEM (ADSL) - ISP INTERNET : 192.168.0.1
|
-- WIRELESS ROUTER (DDWRT) : 192.168.1.1
I have an L2TP VPN service that I need to use most of the time to access the internet. As DD-WRT doesn't support L2TP as a VPN client, I ended up setting it up as the primary WAN connection. It works as expected and my traffic goes through the VPN connection from all wireless clients and Ethernet ports. Exactly what I want.
http://i.stack.imgur.com/kAN4b.png
Now in some rare cases I don't want to use the VPN connection, such as when it goes down. Until now I had to go to the router control panel and set the WAN settings to "DHCP" to get direct internet access. Then again, when the VPN comes back online, revert the settings back.
I found that difficult (especially because no one else knows how to do that), so I decided to create a virtual wireless interface that uses the modem IP address as the gateway, and as a result any device connected to it gets a direct link to the internet. So I created a virtual wireless interface and added it to a new bridge, then configured DHCP to assign any client connected to it an IP in the 192.168.3.x IP space. The following screenshots help you understand the setup:
http://i.stack.imgur.com/s19Lg.png
http://i.stack.imgur.com/Q9LGZ.png
http://i.stack.imgur.com/nFjRb.png
http://i.stack.imgur.com/uSZft.png
Until now everything works as expected. Now I had to find a way to send the traffic from this subnet (192.168.3.x) to 192.168.0.1, which is the ADSL modem, and as a result bypass the PPP connection of the router.
Using my limited knowledge of IP tables and some help from the internet, I wrote the following script:
ip rule add from 192.168.3.0/24 table 200
ip route add default via 192.168.0.1 dev vlan2 table 200
ip route flush cache
The IP table contains the following rules before the execution of the above commands:
root@router:~# ip route
default via 192.168.100.198 dev ppp0 scope link
50.105.xxx.xxx via 192.168.0.1 dev vlan2
127.0.0.0/8 dev lo scope link
169.254.0.0/16 dev br0 proto kernel scope link src 169.254.255.1
192.168.0.0/24 dev vlan2 proto kernel scope link src 192.168.0.100
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1
192.168.1.1 via 192.168.0.1 dev vlan2
192.168.3.0/24 dev br1 proto kernel scope link src 192.168.3.1
192.168.100.198 dev ppp0 scope link
After execution in table 200:
root@router:~# ip route list table 200
default via 192.168.0.1 dev vlan2
As you can see, the above commands work well, but I have two problems:
- I can't find a reliable way to execute it at every restart.
- The VPN connection won't connect again after a disconnect. In fact, after a disconnect any client except the ones with a 192.168.3.x IP address loses its internet access.
Take a look at the IP table rules after a disconnect:
root@router:~# ip route list table 200
default via 192.168.0.1 dev vlan2
root@router:~# ip route
127.0.0.0/8 dev lo scope link
169.254.0.0/16 dev br0 proto kernel scope link src 169.254.255.1
192.168.0.0/24 dev vlan2 proto kernel scope link src 192.168.0.100
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1
192.168.1.1 via 192.168.0.1 dev vlan2
192.168.3.0/24 dev br1 proto kernel scope link src 192.168.3.1
Based on the above result I guess it is because of not having a default rule. But why, and how can I solve it? It is important to know that without executing my custom commands, everything works normally.
What I tried already:
- Startup Script:
I used the commands below to create a script to be executed when the WAN gets connected. I didn't have any success.
mkdir -p '/tmp/etc/config/'
echo "ip rule add from 192.168.3.0/24 table 200
ip route add default via 192.168.0.1 dev vlan2 table 200
ip route flush cache" > '/tmp/etc/config/direct.wanup'
chmod +x '/tmp/etc/config/direct.wanup'
Can anyone help?
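
The routing decision described in the question, as an added example that is not part of the original post: a simplified model of Linux policy routing (rules in order, then longest-prefix match inside the selected table) fed with the rule and a subset of the routes shown above. The destination 203.0.113.10 and the client addresses are constructed; the kernel's local table and the redacted 50.105.xxx.xxx host route are left out.

```python
import ipaddress

def net(prefix):
    """Parse a prefix; 'default' is 0.0.0.0/0 as in `ip route` output."""
    return ipaddress.ip_network("0.0.0.0/0" if prefix == "default" else prefix)

# Rules in evaluation order: the added rule is consulted before main.
# Simplification: the kernel's 'local' table is left out.
RULES = [("192.168.3.0/24", "200"), ("default", "main")]

# (prefix, gateway or None for on-link, device), copied from the question.
TABLE_200 = [("default", "192.168.0.1", "vlan2")]
MAIN_VPN_DOWN = [
    ("192.168.0.0/24", None, "vlan2"),
    ("192.168.1.0/24", None, "br0"),
    ("192.168.3.0/24", None, "br1"),
]
MAIN_VPN_UP = MAIN_VPN_DOWN + [
    ("192.168.100.198/32", None, "ppp0"),
    ("default", "192.168.100.198", "ppp0"),
]

def lookup(src, dst, main):
    """Return (table, gateway, device) for a forwarded packet, or None."""
    tables = {"200": TABLE_200, "main": main}
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for selector, table in RULES:
        if src not in net(selector):
            continue
        matches = [r for r in tables[table] if dst in net(r[0])]
        if matches:  # longest prefix wins; no match falls through to next rule
            best = max(matches, key=lambda r: net(r[0]).prefixlen)
            return table, best[1], best[2]
    return None  # "network unreachable"

if __name__ == "__main__":
    DST = "203.0.113.10"  # constructed internet destination
    for label, main in (("VPN up", MAIN_VPN_UP), ("VPN down", MAIN_VPN_DOWN)):
        for src in ("192.168.1.50", "192.168.3.50"):  # constructed clients
            print(label, src, "->", lookup(src, DST, main))
```

With the VPN-down main table, only sources in 192.168.3.0/24 still resolve a route to the internet destination, which matches the symptom reported in the question.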