Source: https://gist.github.com/braian87b/64440dec125d2b2f0ddc600c490988db
# a new OpenVPN instance:
uci set openvpn.nord_us=openvpn
uci set openvpn.nord_us.enabled='1'
uci set openvpn.nord_us.config='/etc/openvpn/nordvpn.us.conf'
# a new network interface for tun:
uci set network.nord_us=interface
uci set network.nord_us.proto='none' #dhcp #none
uci set network.nord_us.ifname='tun0'
# a new firewall zone (for VPN):
uci add firewall zone
uci set firewall.@zone[-1].name='vpn'
uci set firewall.@zone[-1].input='REJECT'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].forward='REJECT'
uci set firewall.@zone[-1].masq='1'
uci set firewall.@zone[-1].mtu_fix='1'
uci add_list firewall.@zone[-1].network='nord_us'
# enable forwarding from LAN to VPN:
uci add firewall forwarding
uci set firewall.@forwarding[-1].src='lan'
uci set firewall.@forwarding[-1].dest='vpn'
# Finally, you should commit UCI changes:
uci commit
You'll need to configure the password too
Create /etc/openvpn/pass.txt with:
username
password
add setting:
uci set openvpn.nord_us.auth_user_pass='/etc/openvpn/pass.txt'
uci commit openvpn