If you want for someone to answer a question, then you should post all meaning config info, including IP address, etc.
Have anybody faced this prob, how to solve it?
I have wl-500g with installed Oleg's firmware (release 5a). For some testing purposes (to check what's visible outside) i have turned off firewall. After that router became inaccessible from anywhere. Some experiments gave a possibility to connect it: with WAN detached (I have PPTP connection). Firewall turned on back successfully, but immediatelly after connecting cable it stops beign accessible. I presume there are some changes with routing tables but do not have enough experience to check. what's the place of firewall in whole chain? internet -- firewall -- routing -- lan - is it correct?
What can I do to make the box work? (do not want to reinstall completely)
If you want for someone to answer a question, then you should post all meaning config info, including IP address, etc.
Router settings are
[tim@(none) root]$ ifconfig
br0 Link encap:Ethernet HWaddr 00:118:60:1F:96
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::211:d8ff:fe60:1f96/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:486 errors:0 dropped:0 overruns:0 frame:0
TX packets:220 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:24338 (23.7 KiB) TX bytes:18320 (17.8 KiB)
eth0 Link encap:Ethernet HWaddr 00:118:60:1F:96
inet6 addr: fe80::211:d8ff:fe60:1f96/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:129 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:9058 (8.8 KiB)
Interrupt:3 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0D:60:7B:10:C1
inet addr:10.60.30.33 Bcast:10.60.30.255 Mask:255.255.255.0
inet6 addr: fe80::20d:60ff:fe7b:10c1/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:103 errors:0 dropped:0 overruns:0 frame:0
TX packets:274 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:8030 (7.8 KiB) TX bytes:20380 (19.9 KiB)
Interrupt:4 Base address:0x8000
eth2 Link encap:Ethernet HWaddr 00:118:60:1F:96
inet6 addr: fe80::211:d8ff:fe60:1f96/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:481 errors:0 dropped:0 overruns:0 frame:8
TX packets:299 errors:7 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:30631 (29.9 KiB) TX bytes:27468 (26.8 KiB)
Interrupt:6 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:174 errors:0 dropped:0 overruns:0 frame:0
TX packets:174 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15332 (14.9 KiB) TX bytes:15332 (14.9 KiB)
ppp0 Link encap:Point-Point Protocol
inet addr:212.45.14.74 P-t-P:10.60.11.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
RX packets:25 errors:0 dropped:0 overruns:0 frame:0
TX packets:243 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:950 (950.0 B) TX bytes:13953 (13.6 KiB)
[tim@(none) root]$ iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
logdrop all -- anywhere anywhere state INVALID
logaccept all -- anywhere anywhere state RELATED,ESTAB
ACCEPT all -- anywhere anywhere state NEW
ACCEPT all -- anywhere anywhere state NEW
logaccept tcp -- anywhere anywhere tcp dpt:www
logaccept tcp -- anywhere anywhere tcp dpt:ftp
logaccept icmp -- anywhere anywhere
logdrop all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
logaccept all -- anywhere anywhere state RELATED,ESTAB
logdrop all -- anywhere anywhere state INVALID
logaccept all -- anywhere anywhere
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/S
logaccept tcp -- anywhere anywhere tcp flags:SYN,RST,A
logaccept tcp -- anywhere anywhere tcp flags:FIN,SYN,R
logaccept icmp -- anywhere anywhere limit: avg 1/sec bu
logaccept tcp -- anywhere 192.168.0.33 tcp dpt:3389
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain MACS (0 references)
target prot opt source destination
Chain logaccept (10 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level
ACCEPT all -- anywhere anywhere
Chain logdrop (3 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level
DROP all -- anywhere anywhere
Pls advise what is wrong and what's the procedure to fix the thing?
Do you've post-firewall script? If so disable it.
Also disable LAN to WAN filter on the config pages.
I've performed installation from factory defaults and now it works. Oleg, what goes first - firewall or routing procedure? Is it correct that forewall = certain iptables settings?
Never checked this.Originally Posted by tim
Yes.Is it correct that forewall = certain iptables settings?