spearhead
10-12-2004, 15:22
After a while of using my router with NAT running on a virtual server (just added a few rules to permit some incoming services), it suddenly stops passing outgoing connections through. I.e., I simply can't connect to anything outside my own network. A simple reboot of the router fixes it. Can anyone help fix this problem?
Also, where is the UDP rule for (ACCEPT udp -- anywhere anywhere udp dpt:6112)?
Firmware 1.8.1.7-3
I had the same problem on the previous release: 1.8.1.7-2
Iptables -L output (port numbers replaced by X, Y, Z etc)
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW
ACCEPT all -- anywhere anywhere state NEW
DROP all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 1/sec burst 5
ACCEPT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5
ACCEPT icmp -- anywhere anywhere limit: avg 1/sec burst 5 icmp echo-request
ACCEPT tcp -- anywhere 192.168.1.3 tcp dpt:X
ACCEPT tcp -- anywhere 192.168.1.3 tcp dpt:Y
ACCEPT tcp -- anywhere 192.168.1.2 tcp dpt:Z
ACCEPT tcp -- anywhere 192.168.1.2 tcp dpt:W
ACCEPT tcp -- anywhere 192.168.1.2 tcp dpt:V
ACCEPT udp -- anywhere anywhere udp dpt:6112
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain logaccept (0 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level warning tcp-sequence tcp-options ip-options prefix `ACCEPT '
ACCEPT all -- anywhere anywhere
Chain logdrop (0 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level warning tcp-sequence tcp-options ip-options prefix `DROP'
DROP all -- anywhere anywhere