6 Jun
2016
6 Jun
'16
2:43 p.m.
I concur with Bob. I've had Comcast before (though, I always used my own
device - connecting to a DOCSIS-to-Ethernet bridge/Cable Modem). I've
never had success using a consumer-grade router, unless it had DD-WRT or
OpenWRT installed, or I used a Linux server. Some D-Link devices permit
forwarding of protocols other than TCP/UDP, select the 'Other' option,
and place the number 4 in the box for IPENCAP.
Otherwise, most DMZ settings on consumer routers only forward TCP and
UDP traffic. Since 44net (including RIP44) packets are encapsulated
within IPENCAP (IP Protocol No. 4), you must forward that protocol. The
Iptables Firewall is the same as on other *nix devices. If you are
NATing to a device inside your LAN, the commands are similar to:
# iptables -t filter -I INPUT -p 4 -i eth0 -j ACCEPT
# iptables -t nat -I PREROUTING -p 4 -j DNAT --to-destination 192.0.2.8
Ensure that you are in fact seeing IPENCAP traffic entering your Local
Network at your device (e.g. the to-destination address specified).
Within the IPENCAP packets, you should see the password.
I should also note, that I currently use Verizon FiOS; and I noticed
when using their router as my border gateway, that the IPENCAP entry I
make is administratively removed (Verizon has a back-door into their
routers on tcp/4567) from upstream at intermittent times (I've been told
this is because it's 'hard' for the carrier to track and/or rate-limit
non TCP/UDP traffic). So be certain that your carrier it not removing
firewall entires, especially if you were successful in the past.
73,
- Lynwood
KB3VWG