popov/scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3857ae0adb273f7344d434444a09f8c99be0074a
scripts/linux/openwrt/openwrt-starlink-luci-setup.md
Dobromir Popov 3857ae0adb openwrt polymarket without additoional packages
2026-02-16 14:35:09 +02:00

217 lines
10 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# OpenWrt: Connect to Starlink WiFi (client) and route blocked sites via it (LuCI)
Step-by-step using the LuCI web UI where possible. Router: Archer C6, OpenWrt/LuCI. Goal: main WAN stays default; traffic to polymarket (and similar) goes via Starlink WiFi.
---
## Part 1: Connect router to Starlink WiFi (client mode)
You need one radio as **AP** (your LAN WiFi) and one as **Client** (Starlink). Archer C6 has 2.4 GHz and 5 GHz; use one for Starlink client.
### 1.1 Install WiFi client (if needed)
SSH into the router, then:
```bash
opkg update
opkg install wpad-mesh-openssl
```
(Some images already include this. If "Scan" works in LuCI, skip.)
### 1.2 Create the Starlink client interface in LuCI
1. Log in to LuCI (e.g. `http://192.168.0.1`).
2. Go to **Network****Wireless**.
3. You should see two radios (e.g. "Radio0 (2.4 GHz)", "Radio1 (5 GHz)").
4. On the radio you will use for Starlink (e.g. **Radio1 (5 GHz)**):
- Click **Scan**.
- Wait for the list; find your **Starlink WiFi SSID**.
- Click **Join network** next to it.
5. In the dialog:
- **Network**: leave as new (e.g. `wwan`) or set a name like `starlink`.
- **Wireless Security**: choose the encryption (usually **WPA2-PSK**) and enter the **Starlink WiFi password**.
- Leave other options default. Submit.
6. The new interface (e.g. `wwan` or `starlink`) appears under **Network****Wireless** as a **Client** network. Ensure it is **Enabled** and not disabled.
### 1.3 Create a WAN interface for Starlink and assign firewall
The client connection gets an IP via DHCP from Starlink. You must create a protocol interface for it and put it in the **wan** firewall zone so it is used as a WAN.
1. Go to **Network****Interfaces**.
2. Click **Add new interface**:
- **Name**: `wan2` (or `starlink`).
- **Protocol**: **DHCP client**.
- **Device**: select the device that corresponds to the Starlink client (e.g. `wwan` or the wireless device name shown for that client network). If unsure, check **Network****Wireless** and see which device the client is on (e.g. `wlan1`).
- Submit.
3. On the new interfaces page:
- **General Setup**: ensure "Bring up on boot" or similar is checked.
- **Firewall Settings**: assign to **wan** (same zone as your main WAN). Required for NAT and for policy routing (mwan3 or the script in Part 2b).
- **Save & Apply**.
### 1.4 Verify Starlink connectivity
- In **Network****Interfaces**, `wan2` should show an IP (from Starlinks DHCP).
- From a device on your LAN, you can ping 8.8.8.8 (main WAN is still default). To test Starlink alone youll confirm after Part 2 with a policy.
---
## Part 2: Install and configure mwan3 (Load Balancing)
mwan3 will use both WANs: default traffic via main WAN, and specific destination IPs (polymarket) via Starlink.
### 2.1 Install mwan3 (SSH)
LuCI app for mwan3 is not always preinstalled. On the router via SSH:
```bash
opkg update
opkg install mwan3 luci-app-mwan3
```
Then in LuCI you should see **Network****Load Balancing** (or **Multi-WAN**).
### 2.2 Configure interfaces (LuCI)
1. Go to **Network****Load Balancing****Configuration** (or **Interfaces** tab).
2. **Interfaces**:
- You should see **wan** (main) and **wan2** (Starlink). If not, add **wan2**:
- **Interface**: `wan2`
- **Enable**: checked
- **Track IP**: e.g. `8.8.8.8` or `1.1.1.1` (used for health check).
- **Metric**: `20` (higher than wan so default route prefers main WAN).
- **Reliability**: e.g. `1`.
- Save.
- For **wan** (main WAN):
- **Metric**: `10` (lower = preferred for default).
- **Track IP**: e.g. `8.8.8.8`.
- Save.
3. **Members** tab:
- **wan** → member e.g. `wan_m1`, metric `1`.
- **wan2** → member e.g. `wan2_m1`, metric `1`.
4. **Policies** tab:
- **default_policy**: last resort; assign only **wan_m1** (main WAN only). So all traffic that doesnt match a rule uses main WAN.
- Add policy **starlink_only**: assign only **wan2_m1**. This will be used for polymarket IPs.
5. **Rules** tab (order matters; more specific first):
- Add a rule for polymarket:
- **Name**: e.g. `polymarket_via_starlink`
- **Destination address**: see below (polymarket IPs). You can add one rule with multiple IPs/CIDRs or several rules.
- **Policy**: **starlink_only**
- **Sticky**: optional (e.g. 1 minute) so the same connection stays on Starlink.
- Ensure there is a **default** rule:
- **Destination address**: `0.0.0.0/0`
- **Policy**: **default_policy**
- Default rule must be **last** (lowest priority). Polymarket rule must be **above** it.
### 2.3 Polymarket destination IPs
mwan3 matches by **destination IP**, not domain. You need to add the IPs (or CIDRs) for polymarket.com and any related hostnames.
- Resolve from a PC (that can reach polymarket, or use any DNS):
- `nslookup polymarket.com`
- `nslookup www.polymarket.com`
- Add any other subdomains you use (e.g. `gamma-api.polymarket.com`).
- In LuCI **Load Balancing****Rules**, in the polymarket rule set **Destination address** to one of:
- Single IP: `a.b.c.d/32`
- Several IPs: add multiple rules with the same policy, or use a space-separated list if LuCI allows (e.g. `1.2.3.4/32 5.6.7.8/32`).
- CDN IPs can change. If the site stops working via Starlink, resolve the domains again and add/update the IPs in the rule. You can later automate this with a script that updates the mwan3 config or uses ipset.
**Example** (replace with real IPs you resolved):
- Destination address: `104.18.2.2/32 172.67.1.1/32` (example only; get real IPs for polymarket.com).
### 2.4 Save and apply
- **Save & Apply** in **Load Balancing** and in **Network****Interfaces** if you changed anything.
- Test: from a LAN device, open polymarket.com; it should go via Starlink. Other sites still via main WAN.
---
## Part 2b: Policy routing without mwan3 (low flash)
If you cannot install mwan3 (e.g. only ~80 KB free on flash), you can get the same behaviour using **ip rules** and a **custom routing table**. No extra packages: uses `ip`, `resolveip`, `ubus`, `jsonfilter` (all default on OpenWrt).
### 2b.1 Copy and run the script
1. Copy `starlink-policy-route.sh` to the router (e.g. `/etc/starlink-policy-route.sh`).
2. Make it executable: `chmod +x /etc/starlink-policy-route.sh`.
3. Run once when wan2 is up: `/etc/starlink-policy-route.sh setup`.
The script resolves `polymarket.com` and `www.polymarket.com` (via `resolveip`), gets wan2 gateway from `ubus`, adds a default route in table 100 via wan2, and adds `ip rule add to <ip> table 100` for each resolved IP. All other traffic keeps using the main WAN.
### 2b.2 Run on wan2 up (hotplug)
So routes are applied after Starlink (wan2) gets an IP, create a hotplug script:
```bash
# On router: create /etc/hotplug.d/iface/99-starlink-policy
#!/bin/sh
[ "$INTERFACE" = "wan2" ] && [ "$ACTION" = "ifup" ] && /etc/starlink-policy-route.sh setup
```
Make it executable: `chmod +x /etc/hotplug.d/iface/99-starlink-policy`.
### 2b.3 Optional: set IPs manually
If DNS is not ready when the script runs (e.g. wan2 up before main WAN), resolve the domains on a PC and set them in the script:
```bash
# In starlink-policy-route.sh set (replace with real IPs):
POLYMARKET_IPS="104.18.2.2 172.67.1.1"
```
Then the script skips `resolveip` and uses these IPs. Update them if the site stops working (CDN changes).
### 2b.4 Remove routes
To remove the policy routes: `/etc/starlink-policy-route.sh remove`.
---
## Part 2c: Policy routing via LuCI only (static routes)
You can achieve the same result **entirely in LuCI** without mwan3 or scripts by adding **static routes** for each Polymarket IP via wan2. More specific routes override the default route, so traffic to those IPs will use Starlink.
### 2c.1 Get the IPs
On a PC (or any device with DNS): run `nslookup polymarket.com` and `nslookup www.polymarket.com`. Note the IPv4 addresses (e.g. `104.18.x.x`, `172.67.x.x`). Add other hostnames you need (e.g. `gamma-api.polymarket.com`).
### 2c.2 Add static routes in LuCI
1. Go to **Network****Routes** (or **Static routes**, depending on your LuCI).
2. Click **Add** (or **Add new IPv4 route**).
3. For each Polymarket IP:
- **Target**: the IP with `/32` (e.g. `104.18.2.2/32`).
- **Gateway**: choose **Use gateway from interface** and select **wan2** (Starlink), or enter the Starlink gateway IP if your LuCI shows it.
- **Metric**: leave default (e.g. 0) or set the same as other static routes.
- Save.
4. Repeat for every IP you resolved.
5. **Save & Apply**.
Traffic to those destinations will now go via wan2; all other traffic uses the default route (main WAN). If the site stops working later, CDN IPs may have changed—resolve the domains again and add or update the static routes in LuCI.
---
## Part 3: Quick reference (LuCI locations)
| Step | LuCI path |
|-------------------------|-------------------------------------|
| Create Starlink client | Network → Wireless → Scan → Join |
| WAN interface for WiFi | Network → Interfaces → Add (DHCP, wan zone) |
| Load Balancing config | Network → Load Balancing |
| Interfaces (wan, wan2) | Load Balancing → Interfaces |
| Policies | Load Balancing → Policies |
| Rules (polymarket, default) | Load Balancing → Rules |
| Policy without mwan3 | Part 2b: script + hotplug |
| Policy via LuCI only | Part 2c: Network → Routes (static) |
---
## Troubleshooting
- **Starlink client not getting IP**: Check WiFi password; ensure Starlink router is in range; check **Network****Wireless** that the client network is enabled and associated.
- **All traffic still via main WAN**: Ensure the polymarket rule is **above** the default rule; check **Destination address** uses the correct IPs/CIDRs; ensure **starlink_only** policy uses only **wan2_m1**.
- **Polymarket works then stops**: CDN IPs changed; re-resolve the domain(s) and update the rules destination IPs.
- **LuCI "Load Balancing" missing**: Install `luci-app-mwan3` via SSH and refresh the page.
- **Using Part 2b (no mwan3)**: If polymarket stops working, CDN IPs may have changed; run `resolveip -4 polymarket.com` (or from a PC) and set `POLYMARKET_IPS` in the script, or ensure the script runs when DNS is available (e.g. after both WANs are up).
Reference in New Issue View Git Blame Copy Permalink