文章介绍:使用当前最新版本 vyos-1.4.0-epa2,配置域名路由,实现指定域名走指定出口访问,当我们vyos上有多个出口时才会使用,但是当前还存在一个致命问题,不支持域名通配符,期待官方尽快更新。个人设想如果可以支持设定域名文件位置最好,比如:set firewall group domain-group chatgpt address '/config/chatgpt.txt',然后域名文件内可以支持域名通配符,简直绝了。
一、域名列表配置
set firewall group domain-group chatgpt address 'forum.openai.com'
set firewall group domain-group chatgpt address 'cdn.openai.com'
set firewall group domain-group chatgpt address 'api.openai.com'
set firewall group domain-group chatgpt address 'staging.openai.com'
set firewall group domain-group chatgpt address 'apps.openai.com'
set firewall group domain-group chatgpt address 'beta.openai.com'
set firewall group domain-group chatgpt address 'images.openai.com'
set firewall group domain-group chatgpt address 'help.openai.com'
set firewall group domain-group chatgpt address 'chat.openai.com'
set firewall group domain-group chatgpt address 'community.openai.com'
set firewall group domain-group chatgpt address 'auth.openai.com'
set firewall group domain-group chatgpt address 'events.openai.com'
set firewall group domain-group chatgpt address 'share.openai.com'
set firewall group domain-group chatgpt address 'status.openai.com'
set firewall group domain-group chatgpt address 'pay.openai.com'
set firewall group domain-group chatgpt address 'labs.openai.com'
set firewall group domain-group chatgpt address 'accounts.openai.com'
set firewall group domain-group chatgpt address 'production.openai.com'
set firewall group domain-group chatgpt address 'platform.openai.com'
set firewall group domain-group chatgpt address 'playground.openai.com'
set firewall group domain-group chatgpt address 'trust.openai.com'
set firewall group domain-group chatgpt address 'privacy.openai.com'
set firewall group domain-group chatgpt address 'grants.openai.com'
set firewall group domain-group chatgpt address 'gym.openai.com'
set firewall group domain-group chatgpt address 'sora.openai.com'
set firewall group domain-group chatgpt address 'glow.openai.com'
set firewall group domain-group chatgpt address 'jukebox.openai.com'
set firewall group domain-group chatgpt address 'microscope.openai.com'
set firewall group domain-group chatgpt address 'feather.openai.com'
set firewall group domain-group chatgpt address 'cookbook.openai.com'
set firewall group domain-group chatgpt address 'beta.api.openai.com'
set firewall group domain-group chatgpt address 'help.api.openai.com'
set firewall group domain-group chatgpt address 'labs.api.openai.com'
set firewall group domain-group chatgpt address 'accounts.api.openai.com'
set firewall group domain-group chatgpt address 'platform.api.openai.com'
set firewall group domain-group chatgpt address 'playground.api.openai.com'
set firewall group domain-group chatgpt address 'sora.api.openai.com'
set firewall group domain-group chatgpt address 'cloudflare.api.openai.com'
set firewall group domain-group chatgpt address 'cdn.staging.openai.com'
set firewall group domain-group chatgpt address 'search.apps.openai.com'
set firewall group domain-group chatgpt address 'snc.apps.openai.com'
set firewall group domain-group chatgpt address 'staging.images.openai.com'
set firewall group domain-group chatgpt address 'api-iam.intercom.io'
set firewall group domain-group chatgpt address 'widget.intercom.io'
set firewall group domain-group chatgpt address 'auth0.openai.com'
set firewall group domain-group chatgpt address 'cdn.auth0.com'
set firewall group domain-group chatgpt address 'cdn.discordapp.com'
set firewall group domain-group chatgpt address 'cdn.oaistatic.com'
set firewall group domain-group chatgpt address 'js.intercomcdn.com'
set firewall group domain-group chatgpt address 'chatgpt.com'
set firewall group domain-group chatgpt address 'chat.openai.com.cdn.cloudflare.net'
set firewall group domain-group chatgpt address 'openai.com'
set firewall group domain-group chatgpt address 'browser-intake-datadoghq.com'
set firewall group domain-group chatgpt address 'static.cloudflareinsights.com'
set firewall group domain-group chatgpt address 'ai.com'
set firewall group domain-group chatgpt address 'algolia.net'
set firewall group domain-group chatgpt address 'api.statsig.com'
set firewall group domain-group chatgpt address 'auth0.com'
set firewall group domain-group chatgpt address 'chatgpt.livekit.cloud'
set firewall group domain-group chatgpt address 'client-api.arkoselabs.com'
set firewall group domain-group chatgpt address 'events.statsigapi.net'
set firewall group domain-group chatgpt address 'featuregates.org'
set firewall group domain-group chatgpt address 'host.livekit.cloud'
set firewall group domain-group chatgpt address 'identrust.com'
set firewall group domain-group chatgpt address 'intercom.io'
set firewall group domain-group chatgpt address 'intercomcdn.com'
set firewall group domain-group chatgpt address 'launchdarkly.com'
set firewall group domain-group chatgpt address 'oaistatic.com'
set firewall group domain-group chatgpt address 'oaiusercontent.com'
set firewall group domain-group chatgpt address 'observeit.net'
set firewall group domain-group chatgpt address 'segment.io'
set firewall group domain-group chatgpt address 'sentry.io'
set firewall group domain-group chatgpt address 'stripe.com'
set firewall group domain-group chatgpt address 'turn.livekit.cloud'
set firewall group domain-group chatgpt address 'www.chatgpt.com'
set firewall group domain-group chatgpt address 'search.chatgpt.com'
set firewall group domain-group chatgpt address 'ab.chatgpt.com'
set firewall group domain-group chatgpt address 'webrtc.chatgpt.com'
set firewall group domain-group chatgpt address 'snc.chatgpt.com'
set firewall group domain-group chatgpt address 'chatgpt-async-webps-prod-southcentralus-5.chatgpt.com'
set firewall group domain-group chatgpt address 'chatgpt-async-webps-prod-centralus-5.chatgpt.com'
set firewall group domain-group chatgpt address 'tcr9i.chat.openai.com'
set firewall group domain-group chatgpt address 'nexus-websocket-a.intercom.io'
set firewall group domain-group chatgpt address 'o33249.ingest.sentry.io'
set firewall group domain-group chatgpt address 'anthropic.com'
set firewall group domain-group chatgpt address 'vimeocdn.com'
set firewall group domain-group chatgpt address 'blob.core.windows.net'
set firewall group domain-group chatgpt address 'openaicom.imgix.net'
set firewall group domain-group chatgpt address 'azurefd.net'
set firewall group domain-group chatgpt address 'azureedge.net'
set firewall group domain-group chatgpt address 'cdn.cloudflare.net'
set firewall group domain-group chatgpt address 'challenges.cloudflare.com'
set firewall group domain-group chatgpt address 'cloudflareinsights.com'
set firewall group domain-group chatgpt address 'akamaized.net'
set firewall group domain-group chatgpt address 'gstatic.com'
set firewall group domain-group chatgpt address 'vimeo.com'
set firewall group domain-group chatgpt address 'f7tk.com'
set firewall group domain-group chatgpt address 'doubleclick.net'
set firewall group domain-group chatgpt address 'openaiapi-site.azureedge.net'
set firewall group domain-group chatgpt address 'statsigapi.net'
set firewall group domain-group chatgpt address 'pki.goog'
set firewall group domain-group chatgpt address 'edgecompute.app'
set firewall group domain-group chatgpt address 'compute-pipe.com'
set firewall group domain-group chatgpt address 'invoice.stripe.com'
set firewall group domain-group chatgpt address 'stripe.network'
set firewall group domain-group chatgpt address 'gpt3sandbox.com'
set firewall group domain-group chatgpt address 'hcaptcha.com'
set firewall group domain-group chatgpt address 'recaptcha.net'
set firewall group domain-group chatgpt address 'msftconnecttest.com'
set firewall group domain-group chatgpt address 'poe.com'
set firewall group domain-group chatgpt address 'nrt12s30-in-f4.1e100.net'
set firewall group domain-group chatgpt address 'static-ecst.licdn.com'
set firewall group domain-group chatgpt address 'cs1404.wpc.epsiloncdn.net'
set firewall group domain-group chatgpt address 'api-js.mixpanel.com'
set firewall group domain-group chatgpt address 'jidori.g1.internal.services.openai.org'
set firewall group domain-group chatgpt address 'js.stripe.com'
set firewall group domain-group chatgpt address 'ssl.gstatic.com'
set firewall group domain-group chatgpt address 'encrypted-tbn0.gstatic.com'
set firewall group domain-group chatgpt address 's.gravatar.com'
set firewall group domain-group chatgpt address '1e100.net'
set firewall group domain-group chatgpt address 'akamaitechnologies.com'
set firewall group domain-group chatgpt address 'a-msedge.net'
set firewall group domain-group chatgpt address 'cloudflare.com'
set firewall group domain-group chatgpt address 'cloudfront.net'
set firewall group domain-group chatgpt address 'epsiloncdn.net'
set firewall group domain-group chatgpt address 'javascript.info'
set firewall group domain-group chatgpt address 'licdn.com'
set firewall group domain-group chatgpt address 'livekit.cloud'
set firewall group domain-group chatgpt address 'statsig.com'
set firewall group domain-group chatgpt address 'revenuecat.com'
set firewall group domain-group chatgpt address 'mixpanel.com'
set firewall group domain-group chatgpt address 'openai.org'
set firewall group domain-group chatgpt address 'webpubsub.azure.com'
set firewall group domain-group chatgpt address 'gravatar.com'
set firewall group domain-group chatgpt address 'azure.com'
set firewall group domain-group chatgpt address 'openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net'
set firewall group domain-group chatgpt address 'openaicomproductionae4b.blob.core.windows.net'
set firewall group domain-group chatgpt address 'production-openaicom-storage.azureedge.net'
set firewall group domain-group chatgpt address 'www.openai.com'
set firewall group domain-group chatgpt address 'android.chat.openai.com'
set firewall group domain-group chatgpt address 'ios.chat.openai.com'
set firewall group domain-group chatgpt address 'other.feather.openai.com'
二、策略路由配置
set policy route lan-map interface 'eth0'
set policy route lan-map rule 100 destination group domain-group 'chatgpt'
set policy route lan-map rule 100 set table '100'
set policy route lan-map rule 100 source address '10.225.97.0/24'
set protocols static table 100 route 0.0.0.0/0 next-hop 10.9.7.1
三、电脑tracert测试
