30 Jul
2016
30 Jul
'16
10:51 a.m.
Hello,
I had a problem to let rip44d after an OpenWrt Chaos Calmer 15.05, but was
dropped dmz traffic ipencap 169.228.66.251 not passed to the second
router.
In openwrt menu: Network -> Firewall -> Custom Rules
I add:
---
iptables -A INPUT -p 4 -j ACCEPT
iptables -A INPUT -p udp --dport 520 -j ACCEPT
iptables -t nat -A PREROUTING -p 4 -j DNAT --to 192.168.1.2
---
192.168.1.2 is ip of second router or 44 gateway with rip44d
After adding these lines and reboot the router all problems are corrected.
Let's hope it will be useful.
73, Miro, LZ4NY
-------------------------------------
P.S Вместо да разпитваш приятели и познати как се прави онлайн магазин, тествай безплатно
14 дни Shopiko – за да започнеш да продаваш.
https://www.superhosting.bg/web-hosting-compare-shop-plans.php?utm_source=M…
30 Jul
30 Jul
2:10 p.m.
Hi Miro,
If your primary router (the one you are setting the rules) does not need
to process proto 4 and RIP, you can drop the 2 input rules.
The prerouting DNAT should be enough.
Marius, YO2LOJ
On 2016-07-30 12:51, lz4ny(a)mail.bg wrote:
(Please trim inclusions from previous messages)
_______________________________________________
Hello,
I had a problem to let rip44d after an OpenWrt Chaos Calmer 15.05, but was
dropped dmz traffic ipencap 169.228.66.251 not passed to the second
router.
In openwrt menu: Network -> Firewall -> Custom Rules
I add:
---
iptables -A INPUT -p 4 -j ACCEPT
iptables -A INPUT -p udp --dport 520 -j ACCEPT
iptables -t nat -A PREROUTING -p 4 -j DNAT --to 192.168.1.2
---
192.168.1.2 is ip of second router or 44 gateway with rip44d
2:55 p.m.
Hello Marius
When I ask these rules ipencap is start and encap.txt is update but there
is the following problem stops traffic to the network 44
if remove this:
iptables -t nat -A PREROUTING -p 4 -j DNAT --to 192.168.1.2
44 traffic is start and encap update is stoped.
probably wrong somewhere but trying to figure out where?
network structure to me is the following:
INTERNET-> TP-LINK wr841n(with Openwrt) -> Mikrotik (2.9.27 /in its
settings no problem/) -> Debian (ampr-ripd gateway)
when TP-LINK wr841n is with original tp-link firmware and dmz to mikrotik
is no problem to update encap and normal routing 44 network.
73, Miro LZ4NY
----- Цитат от Marius Petrescu (marius(a)yo2loj.ro), на 30.07.2016
в 16:10 ----- (Please trim inclusions from previous messages)
_______________________________________________
Hi Miro,
If your primary router (the one you are setting the rules) does not need
to process proto 4 and RIP, you can drop the 2 input rules.
The prerouting DNAT should be enough.
Marius, YO2LOJ
On 2016-07-30 12:51, lz4ny(a)mail.bg wrote:
(Please trim inclusions from previous messages)
_______________________________________________
Hello,
I had a problem to let rip44d after an OpenWrt Chaos Calmer 15.05, but was
dropped dmz traffic ipencap 169.228.66.251 not passed to the second
router.
In openwrt menu: Network -> Firewall -> Custom Rules
I add:
---
iptables -A INPUT -p 4 -j ACCEPT
iptables -A INPUT -p udp --dport 520 -j ACCEPT
iptables -t nat -A PREROUTING -p 4 -j DNAT --to 192.168.1.2
---
192.168.1.2 is ip of second router or 44 gateway with rip44d
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
-------------------------------------
ПП: СуперХостинг.БГ пазят място за твоя сайт. Имат супер летни отстъпки за нови и настоящи
клиенти. Можеш да разглеждаш и другите им промоции.
http://www.superhosting.bg/promo/summer?utm_source=MailBG&utm_medium=fo…
5:18 p.m.
Miro,
The only rule you need on the TP-LINK is:
iptables -t nat -A PREROUTING -p 4 -j DNAT --to 192.168.1.2
Nothing else.
You do NOT need the 2 input rules on OpenWRT.
Marius, YO2LOJ
On 2016-07-30 16:55, Miroslav Nikolov wrote:
INTERNET-> TP-LINK wr841n(with Openwrt) ->
Mikrotik (2.9.27 /in its
settings no problem/) -> Debian (ampr-ripd gateway)
7:05 p.m.
I asked only that rule but once you enable the connection of the gate to
the entire network 44 stops, stops and ping.
Probably something missing but I can not remember what it was.
----- Цитат от Marius Petrescu (marius(a)yo2loj.ro), на 30.07.2016
в 19:18 ----- (Please trim inclusions from previous messages)
_______________________________________________
Miro,
The only rule you need on the TP-LINK is:
iptables -t nat -A PREROUTING -p 4 -j DNAT --to 192.168.1.2
Nothing else.
You do NOT need the 2 input rules on OpenWRT.
Marius, YO2LOJ
On 2016-07-30 16:55, Miroslav Nikolov wrote:
INTERNET-> TP-LINK wr841n(with Openwrt) -> Mikrotik (2.9.27 /in its
settings no problem/) -> Debian (ampr-ripd gateway)
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
-------------------------------------
ПП: Ако имаш идеи за сайт, виж какво предлагат СуперХостинг.БГ. Това лято имат отстъпка за
нови хостинг планове.
http://www.superhosting.bg/promo/summer?utm_source=MailBG&utm_medium=fo…
10:47 p.m.
You need to specify for which incoming interfaces you want DNAT, else
you will get outgoing encap traffic sent back to the gateway instead of
the internet:
Let's assume eth0 is WAN:
iptables -t nat -A PREROUTING -i eth0 -p 4 -j DNAT --to 192.168.1.2
Marius, YO2LOJ
On 2016-07-30 21:05, Miroslav Nikolov wrote:
(Please trim inclusions from previous messages)
_______________________________________________
I asked only that rule but once you enable the connection of the gate to
the entire network 44 stops, stops and ping.
Probably something missing but I can not remember what it was.
2 Aug
2 Aug
2:59 p.m.
Thanks Marius,
I add only this rules:
iptables -t nat -A PREROUTING -i eth1 -p 4 -j DNAT --to 192.168.1.2
my wan interface is eth1
and all is ok
Bye, Miro LZ4NY
----- Цитат от Marius Petrescu (marius(a)yo2loj.ro), на 31.07.2016
в 00:47 ----- (Please trim inclusions from previous messages)
_______________________________________________
You need to specify for which incoming interfaces you want DNAT, else
you will get outgoing encap traffic sent back to the gateway instead of
the internet:
Let's assume eth0 is WAN:
iptables -t nat -A PREROUTING -i eth0 -p 4 -j DNAT --to 192.168.1.2
Marius, YO2LOJ
On 2016-07-30 21:05, Miroslav Nikolov wrote:
(Please trim inclusions from previous messages)
_______________________________________________
I asked only that rule but once you enable the connection of the gate to
the entire network 44 stops, stops and ping.
Probably something missing but I can not remember what it was.
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
-------------------------------------
P.S. Спри да търсиш в мрежата как се прави онлайн магазин. Започни да продаваш веднага с
Shopiko. Тествай го безплатно 14 дни.
https://www.superhosting.bg/web-hosting-compare-shop-plans.php?utm_source=M…
2832
days inactive
2835
days old
6 comments
3 participants
participants (3)
-
lz4ny@mail.bg -
Marius Petrescu -
Miroslav Nikolov