All, I have implemented the dynamic IPENCAP firewall script in OpenWRT; and it works! I had to either: - bootstrap AMPRGW's IPENCAP firewall rule (causing the router to receive AMPRGW's first route statement, causing execution of load_ipipfilter.sh) by ampr-ripd; or - create symbolic links for the OpenWRT OS to save encap.txt into a persistent location /etc/config (and bootstrap by creating an empty encap.txt file there), then run load_ipipfilter.sh from Startup. In addition, it would of course load all other routes/firewall rules. - Lastly, I had to discover why, after having ran the script, I was unable to add the IPENCAP firewall rule to the ipipfilter CHAIN via Custom Firewall Rules. I just explicitly created the CHAIN by adding this rule before: iptables -N ipipfilter I managed to make symbolic links for encap.txt, and save it to persistent storage at /etc/config/encap.txt I opted for the symbolic link method, as this solved another issue of not being able to load routes on startup using OpenWRT devices (due to /var/lib/ampr-ripd not being a persistent storage location in that OS. The information has been added to the OpenWRT and ipencap wikis. 73 - Lynwood KB3VWG On 10/12/2016 03:00 PM, Rob wrote: