github-copilot/.github/skills/openwrt-vpn-routing/SKILL.md
ВяткинАртём e5dc08987d feat: Add new agents and skills for Docker, TestLink, and OpenWrt
- Introduced "Docker Build & Test Engineer" agent for building and testing Docker images.
- Added "TestLink Autotest Engineer" agent for generating and verifying autotests from TestLink cases.
- Created "Branch Review Engineer" agent for reviewing branch diffs and proposing improvements.
- Developed "OpenWrt VPN & Network Engineer" agent for designing and implementing OpenWrt networking with VPN.
- Established a structured directory for agents, skills, prompts, instructions, and hooks under `.github/`.
- Implemented detailed skills for branch review processes, including reading code, analyzing improvements, and applying changes.
- Added skills for OpenWrt network discovery, VPN routing, and hardening.
- Created README files for better documentation and navigation of the repository structure.
2026-04-08 09:47:18 +03:00

2.1 KiB

name: openwrt-vpn-routing
description: Design and implement OpenWrt VPN routing with xray/sing-box/WireGuard/OpenVPN, DNS, split tunneling, GeoIP, ASN, and selective tunnel by destination IP. Use when: openwrt vpn routing, policy based routing, split tunneling openwrt, xray routing rules, sing-box route rules, geoip asn tunnel policy.
argument-hint: Confirmed topology and tunnel policy from discovery stage

OpenWrt VPN Routing

Design and produce concrete configuration for advanced OpenWrt VPN routing.

Inputs Required

  • Discovery summary from openwrt-network-discovery
  • Chosen VPN stack and endpoint details
  • Explicit tunnel policy (IP/domain/GeoIP/ASN)

Procedure

Step 1 - Select Control Plane

Choose one primary routing controller:

  • pbr package for policy-based routing
  • native ip rule + custom routing tables
  • service-level route control in xray/sing-box

Document why the selected approach fits the request.

Step 2 - Build Tunnel and Interface Mapping

Define:

  • tunnel interface lifecycle and startup order
  • firewall zones and forwarding path
  • metric priorities and failover behavior

Step 3 - Implement Selective Routing

Implement selective tunnel behavior for:

  • static destination IP sets
  • domain groups resolved into nft/ipset targets
  • GeoIP categories
  • ASN-based destination grouping

Ensure LAN bypass and management-plane safety are explicit.

Step 4 - Configure DNS Path

Set DNS so route policy and resolver path are consistent:

  • resolver selection for tunneled and non-tunneled traffic
  • anti-leak controls
  • optional encrypted DNS

Step 5 - Produce Config and Commands

Provide practical snippets for:

  • /etc/config/network
  • /etc/config/firewall
  • /etc/config/pbr (if used)
  • xray or sing-box route blocks
  • validation commands

Validation Checklist

  • ip rule show
  • ip route show table <id>
  • nft list ruleset
  • test destination inside and outside tunnel policy
  • DNS resolver path checks
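
The first two checklist commands can be evaluated mechanically. The script below is an added example, not part of the skill file: it checks captured `ip rule show` and `ip route show table <id>` text for LAN bypass ordering, the tunnel table's default route, and a blocking fallback route. The mark 0x1, table 100, LAN 192.168.1.0/24, interface wg0 and all function names are assumptions.

```shell
#!/bin/sh
# Added example: checks over captured `ip rule show` and
# `ip route show table <id>` text. Mark 0x1, table 100, LAN 192.168.1.0/24
# and wg0 are assumed sample values, not taken from the skill file.

# Print the priority of the first rule containing the words in $2.
rule_prio() {
    printf '%s\n' "$1" | awk -v pat="$2" \
        'index($0 " ", pat " ") { sub(/:.*/, "", $1); print $1; exit }'
}

# check_policy RULES ROUTES MARK TABLE LAN_CIDR TUN_DEV
# Returns 0 when the tunnel rule, the LAN bypass ordering and the
# tunnel table's default route all match the intended policy.
check_policy() {
    mark_prio=$(rule_prio "$1" "fwmark $3 lookup $4")
    lan_prio=$(rule_prio "$1" "to $5 lookup main")
    [ -n "$mark_prio" ] || { echo "FAIL: no fwmark $3 rule for table $4"; return 1; }
    [ -n "$lan_prio" ] || { echo "FAIL: no LAN bypass rule for $5"; return 2; }
    # A lower priority number is evaluated first; the bypass must win.
    [ "$lan_prio" -lt "$mark_prio" ] ||
        { echo "FAIL: LAN bypass ($lan_prio) is after tunnel rule ($mark_prio)"; return 3; }
    printf '%s\n' "$2" | grep -Eq "^default( .*)? dev $6( |\$)" ||
        { echo "FAIL: table $4 has no default route via $6"; return 4; }
    echo "OK: policy matches"
}

# True when the table keeps a blocking default for when the tunnel is down,
# so marked traffic does not fall through to the main table.
has_fallback_block() {
    printf '%s\n' "$1" | grep -Eq '^(unreachable|blackhole|prohibit) default'
}

# Constructed sample captures (not from a real router).
SAMPLE_RULES='0: from all lookup local
100: from all to 192.168.1.0/24 lookup main
200: from all fwmark 0x1 lookup 100
32766: from all lookup main
32767: from all lookup default'
SAMPLE_ROUTES='default dev wg0 scope link
unreachable default metric 999'

check_policy "$SAMPLE_RULES" "$SAMPLE_ROUTES" 0x1 100 192.168.1.0/24 wg0
has_fallback_block "$SAMPLE_ROUTES" && echo "OK: fallback block present"
```

On a router, pass `"$(ip rule show)"` and `"$(ip route show table <id>)"` in place of the sample strings.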

Output Format

## VPN Routing Plan

### Architecture
- ...

### Config Snippets
- file: ...
- snippet: ...

### Apply Order
1. ...
2. ...
3. ...

### Validation
- ...