Reply With QuoteIf you want for someone to answer a question, then you should post all meaning config info, including IP address, etc.
Junior Member
Have anybody faced this prob, how to solve it?
I have wl-500g with installed Oleg's firmware (release 5a). For some testing purposes (to check what's visible outside) i have turned off firewall. After that router became inaccessible from anywhere. Some experiments gave a possibility to connect it: with WAN detached (I have PPTP connection). Firewall turned on back successfully, but immediatelly after connecting cable it stops beign accessible. I presume there are some changes with routing tables but do not have enough experience to check. what's the place of firewall in whole chain? internet -- firewall -- routing -- lan - is it correct?
What can I do to make the box work? (do not want to reinstall completely)
Administrator
If you want for someone to answer a question, then you should post all meaning config info, including IP address, etc.
Junior Member
Router settings are
[tim@(none) root]$ ifconfig
br0 Link encap:Ethernet HWaddr 00:118:60:1F:96
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::211:d8ff:fe60:1f96/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:486 errors:0 dropped:0 overruns:0 frame:0
TX packets:220 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:24338 (23.7 KiB) TX bytes:18320 (17.8 KiB)
eth0 Link encap:Ethernet HWaddr 00:11
inet6 addr: fe80::211:d8ff:fe60:1f96/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:129 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:9058 (8.8 KiB)
Interrupt:3 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0D:60:7B:10:C1
inet addr:10.60.30.33 Bcast:10.60.30.255 Mask:255.255.255.0
inet6 addr: fe80::20d:60ff:fe7b:10c1/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:103 errors:0 dropped:0 overruns:0 frame:0
TX packets:274 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:8030 (7.8 KiB) TX bytes:20380 (19.9 KiB)
Interrupt:4 Base address:0x8000
eth2 Link encap:Ethernet HWaddr 00:11
inet6 addr: fe80::211:d8ff:fe60:1f96/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:481 errors:0 dropped:0 overruns:0 frame:8
TX packets:299 errors:7 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:30631 (29.9 KiB) TX bytes:27468 (26.8 KiB)
Interrupt:6 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:174 errors:0 dropped:0 overruns:0 frame:0
TX packets:174 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15332 (14.9 KiB) TX bytes:15332 (14.9 KiB)
ppp0 Link encap:Point-Point Protocol
inet addr:212.45.14.74 P-t-P:10.60.11.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
RX packets:25 errors:0 dropped:0 overruns:0 frame:0
TX packets:243 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:950 (950.0 B) TX bytes:13953 (13.6 KiB)
[tim@(none) root]$ iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
logdrop all -- anywhere anywhere state INVALID
logaccept all -- anywhere anywhere state RELATED,ESTAB
ACCEPT all -- anywhere anywhere state NEW
ACCEPT all -- anywhere anywhere state NEW
logaccept tcp -- anywhere anywhere tcp dpt:www
logaccept tcp -- anywhere anywhere tcp dpt:ftp
logaccept icmp -- anywhere anywhere
logdrop all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
logaccept all -- anywhere anywhere state RELATED,ESTAB
logdrop all -- anywhere anywhere state INVALID
logaccept all -- anywhere anywhere
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/S
logaccept tcp -- anywhere anywhere tcp flags:SYN,RST,A
logaccept tcp -- anywhere anywhere tcp flags:FIN,SYN,R
logaccept icmp -- anywhere anywhere limit: avg 1/sec bu
logaccept tcp -- anywhere 192.168.0.33 tcp dpt:3389
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain MACS (0 references)
target prot opt source destination
Chain logaccept (10 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level
ACCEPT all -- anywhere anywhere
Chain logdrop (3 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level
DROP all -- anywhere anywhere
Pls advise what is wrong and what's the procedure to fix the thing?
Administrator
Do you've post-firewall script? If so disable it.
Also disable LAN to WAN filter on the config pages.
Junior Member
I've performed installation from factory defaults and now it works. Oleg, what goes first - firewall or routing procedure? Is it correct that forewall = certain iptables settings?
Administrator
Never checked this.Originally Posted by tim
Yes.Is it correct that forewall = certain iptables settings?
Posting Permissions