psylockex
23-08-2004, 20:46
Note [ the original asus fw worked with the rules below, but other functions didnt ]
Ok, my issue is I have been using the same wan/lan filter rules consistently, but since 1.7.5.9-CR3 I find that the router is doing all sorts of funny things.
When using the GUI :
1. it doesnt seem to like more than a couple of entries.
2. if the rules appear to work on first restart ( or reboot ) but soon as something is dropped because of the rules ( this is good ) then all the rest of the originally working connections now get DROPed ( This is Bad ) :eek:
4. I have reflashed, no change.
Am I doing some thing stupid? Is the Web interface no longer the best way to set the filter rules
Anyone have any idea as to the problem ?
Here are the entries used :
DEFAULT ACTION = DROP
S_IP PR D_IP PR Prot
80 192.168.1.100 1000:65000 udp
80 192.168.1.100 1000:65000 tcp
443 192.168.1.100 1000:65000 tcp
110 192.168.1.100 1000:65000 tcp
5190 192.168.1.100 1000:65000 tcp
1863 192.168.1.100 1000:65000 tcp
500 192.168.1.100 1000:65000 udp
4500 192.168.1.100 4500 udp
5060 192.168.1.100 5061 udp
3478 192.168.1.100 3478 udp
24680 192.168.1.100 500 tcp
Then if I web access it works first of all then if I try another application such as Sipps which uses a standard port range to connect 5060/5061; the router blocks[DROP] the attemp and then DROPs everything from then onwards.
It does not seem to matter which app I use the outcome is the same.
The syslog shows that drop eth1 bri0 udp,s-ip 80, dst-ip 1781 Now that should be allowed based on the the rule set above. The same goes for 5060/5061
Anyone have any ideas?
Thanks in advance.
Ok, my issue is I have been using the same wan/lan filter rules consistently, but since 1.7.5.9-CR3 I find that the router is doing all sorts of funny things.
When using the GUI :
1. it doesnt seem to like more than a couple of entries.
2. if the rules appear to work on first restart ( or reboot ) but soon as something is dropped because of the rules ( this is good ) then all the rest of the originally working connections now get DROPed ( This is Bad ) :eek:
4. I have reflashed, no change.
Am I doing some thing stupid? Is the Web interface no longer the best way to set the filter rules
Anyone have any idea as to the problem ?
Here are the entries used :
DEFAULT ACTION = DROP
S_IP PR D_IP PR Prot
80 192.168.1.100 1000:65000 udp
80 192.168.1.100 1000:65000 tcp
443 192.168.1.100 1000:65000 tcp
110 192.168.1.100 1000:65000 tcp
5190 192.168.1.100 1000:65000 tcp
1863 192.168.1.100 1000:65000 tcp
500 192.168.1.100 1000:65000 udp
4500 192.168.1.100 4500 udp
5060 192.168.1.100 5061 udp
3478 192.168.1.100 3478 udp
24680 192.168.1.100 500 tcp
Then if I web access it works first of all then if I try another application such as Sipps which uses a standard port range to connect 5060/5061; the router blocks[DROP] the attemp and then DROPs everything from then onwards.
It does not seem to matter which app I use the outcome is the same.
The syslog shows that drop eth1 bri0 udp,s-ip 80, dst-ip 1781 Now that should be allowed based on the the rule set above. The same goes for 5060/5061
Anyone have any ideas?
Thanks in advance.