ChatGPT (brief for Chat Generative Pre-trained Transformer) is a chatbot by OpenAI. It gives solutions to your queries utilizing studying strategies primarily based on AI/ML. Sadly, ChatGPT deny entry when linked by way of VPN (Digital Personal Community) akin to WireGuard or OpenVPN, and you can be blocked with the next message:
Allow us to see methods to skip the ChatGPT area from WireGuard or OpenVPN entry whilst you can entry company sources behind VPN.
Commercial
Process to skip ChatGPT from WireGuard or OpenVPN on Linux
The logic is easy. Discover the chat.openai.com IP tackle and set the routing coverage to skip the VPN interface. By default, WireGuard or OpenVPN will route all site visitors by way of the VPN interface however I’ll set metrics decrease than WireGuard or OpenVPN interface and instantly route the chat.openai.com site visitors by way of my router as a substitute of the VPN. My setup is as follows:
- Debian or Ubuntu Linux desktop
- WireGuard or OpenVPN positioned at Linode or AWS
- Default router IPv4: 192.168.2.254
Step 1 – Discover your default routing information
As soon as linked to WireGuard/OpenVPN, use the ip command to record the routing desk:$ ip route present
Here’s what I see:
default by way of 192.168.2.254 dev enp0s31f6 proto dhcp metric 100
10.83.200.0/24 dev lxdbr0 proto kernel scope hyperlink src 10.83.200.1
169.254.0.0/16 dev ln-sg scope hyperlink metric 1000
172.16.0.0/24 dev ln-sg proto kernel scope hyperlink src 172.16.0.6 metric 50
192.168.2.0/24 dev enp0s31f6 proto kernel scope hyperlink src 192.168.2.25 metric 100
My WireGuard interface named ‘ln-sg’ take precedence utilizing metric 50 over the default metric 100. So the trick is so as to add the chat.openai.com IP tackle with a decrease metric and instantly move it by way of 192.168.2.254 default gateway IP tackle.
A proof of the Computerized Metric function for IPv4 routes
Router metrics are configuration values to make routing choices. Router metrics assist the router select the very best route amongst a number of possible routes to a vacation spot. The route will go within the course of the gateway with the bottom metric. A router metric is usually primarily based on info akin to path size, bandwidth, load, hop rely, path price, delay, most transmission unit (MTU), reliability and communications price.
| Hyperlink/Dest/Route | Metric |
|---|---|
| chat.openai.com (or some other IP/area of your alternative) | 10 |
| WireGuard/OpenVPN | 50 |
| Default | 100 |
Step 2 – Discovering out the chat.openai.com IP tackle
Use the dig command or host command:$ d='chat.openai.com'
$ dig +brief A "$d" | grep -v '.$'
$ ips="$(dig +brief A "$d" | grep -v '.$')"
$ echo "$ips"
Step 3 – Including the chat.openai.com IP tackle to routing desk
Allow us to set some shell variable:$ my_gw="192.168.2.254" #Default GW
$ metric="10" #Routing metric worth
Allow us to use bash for loop so as to add these IPs:
for i in $ips do sudo ip route add "$i" by way of "$my_gw" metric "$metric" finished
Need to record newly added IP tackle? Use the ip command:$ ip route present
$ ip route present | grep -w 'metric 10'
Here’s what I see:
104.18.2.161 by way of 192.168.2.254 dev enp0s31f6 metric 10 104.18.3.161 by way of 192.168.2.254 dev enp0s31f6 metric 10
Step 4 – Take a look at it
Hearth the online browser and check it by visiting https://chat.openai.com/ URL:
Click on to enlarge
And voila. That’s how one can skip the ChatGPT area from WireGuard or OpenVPN on Linux.
Step 5 – Deleting the chat.openai.com IP tackle from the routing desk
Once more use the ip command as follows:$ for i in $ips; do sudo ip route del "$i"; finished
Step 6 – Making a shell script for automation
The chat.openai.com will change its IP tackle occasionally. So here’s a generic script that provides, removes, and lists chat.openai.com and some different domains that refused to work when linked to VPN.
routing.coverage shell script
#!/bin/bash
# routing.coverage - Most important script so as to add, take away and record routing coverage
# Creator : Vivek Gite {www.cyberciti.biz} underneath GPLv 2.x+
# ----------------------------------------------------------------------
set -e
# Set metric and gateway as per your wants
metric="10"
my_gw="192.168.2.254"
area="chat.openai.com fb.com fbcdn.internet static.xx.fbcdn.internet www.fb.com"
ips=""
me="${0##*/}" # who am I?
get_domain_ip_lists(){
for d in $area
do
ips="${ips} $(dig +brief A "$d" | grep -v '.$')"
finished
ips="${ips/$'n'/ }" # take away 'n'
ips="$(tr ' ' 'n'<<<"${ips}" | kind -u | xargs)" # take away duplicate ips
}
is_route_exists(){
native i="$1"
out="$(ip route present "$i")"
if [[ "$out" != "" ]]
then
return 0 # True
else
return 1 # False
fi
}
add_opneapi_route(){
check_for_root_user
echo "Including ${ips/$'n'/,} to routing desk ..." 1>&2
for i in $ips
do
if ! is_route_exists "$i"
then
sudo ip route add "$i" by way of "$my_gw" metric "$metric"
else
echo "$me route for $i already exists, skiping ..."
fi
finished
}
remove_opneapi_route(){
check_for_root_user
echo "Eradicating ${ips/$'n'/,} from routing desk ..." 1>&2
for i in $ips
do
if is_route_exists "$i"
then
sudo ip route del "$i" by way of "$my_gw"
else
echo "$me route for $i not discovered, skiping ..."
fi
finished
}
show_openapi_route_status(){
echo "Routing information for the '$area' (${ips/$'n'/,}) ..." # take away newline from the ${ips}
for i in $ips
do
ip route present "$i"
finished
}
check_for_root_user(){
if [[ $EUID -ne 0 ]]; then
echo "$me script should be run as root" 1>&2
exit 1
fi
}
## foremost ##
get_domain_ip_lists # set '$ips'
case "$me" in
routing.coverage.add) add_opneapi_route;;
routing.coverage.delete) remove_opneapi_route;;
routing.coverage.take away) remove_opneapi_route;;
routing.coverage.present) show_openapi_route_status;;
routing.coverage.standing) show_openapi_route_status;;
*) echo "Utilization: routing.coverage.add|routing.coverage.delete|routing.coverage.standing";;
esac
Creating softlink utilizing the ln command
First, arrange execution permission utilizing the chmod command
$ chmod +x -v routing.coverage
mode of 'routing.coverage' modified from 0664 (rw-rw-r--) to 0775 (rwxrwxr-x)
Now set these hyperlinks:$ ln -sv routing.coverage routing.coverage.add
$ ln -sv routing.coverage routing.coverage.take away
$ ln -sv routing.coverage routing.coverage.delete
$ ln -sv routing.coverage routing.coverage.present
$ ln -sv routing.coverage routing.coverage.standing
Confirm it utilizing the ls command:$ ls -l routing.coverage*
Outputs:
-rwxrwxr-x 1 vivek vivek 1913 Feb 3 00:07 routing.coverage lrwxrwxrwx 1 vivek vivek 14 Feb 3 00:08 routing.coverage.add -> routing.coverage lrwxrwxrwx 1 vivek vivek 14 Feb 3 00:08 routing.coverage.delete -> routing.coverage lrwxrwxrwx 1 vivek vivek 14 Feb 3 00:08 routing.coverage.take away -> routing.coverage lrwxrwxrwx 1 vivek vivek 14 Feb 3 00:08 routing.coverage.present -> routing.coverage lrwxrwxrwx 1 vivek vivek 14 Feb 3 00:08 routing.coverage.standing -> routing.coverage
Take a look at it:$ sudo ./routing.coverage.add
$ sudo ./routing.coverage.standing
$ traceroute chat.openai.com #<--test routing
$ sudo ./routing.coverage.delete
Summing up
I examined this on my Debian and Ubuntu Linux desktop with WireGuard and OpenVPN. It labored like a allure and will work with some other Linux distro so long as ip command works. In brief, we will skip particular IP addresses from being routed by means of a VPN connection on Linux (or some other working system akin to macOS or BSD) so long as you may add routing guidelines to the system’s routing desk. You’ll be able to run this script mechanically by including a hook when NetworkManager connects to your OpenVPN or WireGuard interface. For instance, put a script in /and so forth/community/if-up.d/ and make it executable. This can run the script when the VPN interface comes on-line. Equally, put a script in /and so forth/community/if-down.d/ whenever you wish to run it when the VPN interface goes down. See NetworkManager handbook web page utilizing the man command:$ man 8 NetworkManager
