Bekijk de volledige versie : Firewall/Filter rules bug ?

23-08-2004, 08:29
First of all many thanks to Oleg and all contributors to this forum without which I would have a pretty useless WL500g.

Ok, my issue is I have been using the same wan/lan filter rules consistently, but since I find that the router is doing all sorts of funny things.

1. it doesnt seem to like more than a couple of entries.
2. if I have 10 entries and delete 1 then all the rules screw up.
3. if the rules appear to work on first restart ( or reboot ) but soon as something is dropped because of the rules ( this is good ) then ALL THE REST OF THE OTHER RULES START GETTING BLOCKED ( This is Bad )
4. I have reflashed, no change.

Am I doing some thing stupid? Is the Web interface no longer used to set the filter rules
Anyone have any idea as to the problem ?

Here are the entries used :

80 1000:65000 udp
80 1000:65000 tcp
443 1000:65000 tcp
110 1000:65000 tcp
5190 1000:65000 tcp
1863 1000:65000 tcp
500 1000:65000 udp
4500 4500 udp
5060 5061 udp
3478 3478 udp
24680 500 tcp

Then if I web access it works first of all then
if I try another application such as Sipps which uses 3 standard port ranges to connect I allow just one of the ranges through 5060/5061 ( this did work and still does without the router ) the router blocks the first attemp 8000/8002 and then BLOCKS evrything from the onwards

The syslog shows that drop eth1 bri0 udp,s-ip 80, dst-ip 1781 Now that should be allowed based on the the rule set above.

Also the same rules appear to work on a Debian acting as a firewall.

Anyone have any ideas?

Thanks in advance.