option route_nopull '1'
        option script_security '2'
        option up '/etc/openvpn/vpnrouteup.sh'
        option down '/etc/openvpn/vpnroutedown.sh'

#!/bin/sh
logger "Start vpnrouteup"
# Set route for table 100
ip route add default dev tun0 table 100
# Set rule for table 100
ip rule add fwmark 1 table 100
ip route flush cache
# By default all traffic bypasses the VPN
iptables -t mangle -A PREROUTING -i br-lan -s 192.168.3.250/32 -j MARK --set-mark 1
logger "Koniec vpnrouteup"

#!/bin/sh

logger "Start vpnroutedown"
# show the record --> ip route show table 100
ip route flush table 100
# show the record --> ip rule show
ip rule del fwmark 1 table 100
# show the record --> iptables -t mangle -L PREROUTING
iptables -t mangle -D PREROUTING -i br-lan -s 192.168.3.250/32 -j MARK --set-mark 1
logger "Koniec vpnroutedown"