Untitled

# http://www.linksysinfo.org/index.php?threads/routing-traffic-between-regular-isp-and-two-vpn-connections.72248/
# Put this in the Firewall portion of the script section in Administration

#!/bin/sh
set -x # uncomment/comment to enable/disable debug mode

(
TID="200"
FW_MARK="0x88"
IPSET="myipset"

# cleanup from prior execution
(
# stop split tunnel
ip rule del fwmark $FW_MARK table $TID

# delete firewall rules
iptables -t mangle -F

# delete ipset hash table
ipset -F $IPSET
ipset -X $IPSET

# delete alternate routing table
ip route flush table $TID

# force routing system to recognize our changes
ip route flush cache

# enable reverse path filtering
for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > $i; done

sleep 3
) > /dev/null 2>&1

# quit if neither OpenVPN client is active
! ip route show | egrep -qm1 'tun1[1-2]' && exit

# copy main routing table (exclude all default gateway routes)
ip route show | egrep -v '^default|^0.0.0.0/1|^128.0.0.0/1' \
  | while read route; do
  ip route add $route table $TID
  done

# add WAN as default gateway
ip route add default via $(nvram get wan_gateway) table $TID

# force routing system to recognize our changes
ip route flush cache

# disable reverse path filtering
for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 0 > $i; done

# load required netfilter modules
(modprobe xt_set || modprobe ipt_set) 2> /dev/null

# create ipset hash table
insmod ip_set_hash_ip
ipset -N $IPSET iphash -q
ipset -F $IPSET

# add firewall rule
iptables -t mangle -A PREROUTING -p tcp -m multiport --sport 3000,8085,32400 -j MARK --set-mark $FW_MARK
iptables -t mangle -A PREROUTING -m set --match-set $IPSET dst -j MARK --set-mark $FW_MARK

# OUTPUT for Admin page of router (Set port for your setting)
iptables -t mangle -A OUTPUT -p tcp -m multiport --sport 8080 -j MARK --set-mark $FW_MARK

# start split tunnel
ip rule add fwmark $FW_MARK table $TID

) 2>&1 | logger -t "ovpn_split[$$]"