Hello Marius When I ask these rules ipencap is start and encap.txt is update but there is the following problem stops traffic to the network 44

if remove this:

iptables -t nat -A PREROUTING -p 4 -j DNAT --to 192.168.1.2

44 traffic is start and encap update is stoped.

probably wrong somewhere but trying to figure out where?

network structure to me is the following:

INTERNET-> TP-LINK wr841n(with Openwrt) -> Mikrotik (2.9.27 /in its settings no problem/) -> Debian (ampr-ripd gateway)

when TP-LINK wr841n is with original tp-link firmware and dmz to mikrotik is no problem to update encap and normal routing 44 network.

73, Miro LZ4NY

----- Цитат от Marius Petrescu (marius@yo2loj.ro), на 30.07.2016 в 16:10 ----- (Please trim inclusions from previous messages) _______________________________________________ Hi Miro,

If your primary router (the one you are setting the rules) does not need to process proto 4 and RIP, you can drop the 2 input rules.

The prerouting DNAT should be enough.

Marius, YO2LOJ

On 2016-07-30 12:51, lz4ny@mail.bg wrote: (Please trim inclusions from previous messages) _______________________________________________

Hello, I had a problem to let rip44d after an OpenWrt Chaos Calmer 15.05, but was dropped dmz traffic ipencap 169.228.66.251 not passed to the second router.

In openwrt menu: Network -> Firewall -> Custom Rules

I add:

---

iptables -A INPUT -p 4 -j ACCEPT iptables -A INPUT -p udp --dport 520 -j ACCEPT iptables -t nat -A PREROUTING -p 4 -j DNAT --to 192.168.1.2

---

192.168.1.2 is ip of second router or 44 gateway with rip44d

_________________________________________ 44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net

-------------------------------------

ПП: СуперХостинг.БГ пазят място за твоя сайт. Имат супер летни отстъпки за нови и настоящи клиенти. Можеш да разглеждаш и другите им промоции. http://www.superhosting.bg/promo/summer?utm_source=MailBG&utm_medium=foo...

I asked only that rule but once you enable the connection of the gate to the entire network 44 stops, stops and ping. Probably something missing but I can not remember what it was.

----- Цитат от Marius Petrescu (marius@yo2loj.ro), на 30.07.2016 в 19:18 ----- (Please trim inclusions from previous messages) _______________________________________________ Miro,

The only rule you need on the TP-LINK is:

iptables -t nat -A PREROUTING -p 4 -j DNAT --to 192.168.1.2

Nothing else. You do NOT need the 2 input rules on OpenWRT.

Marius, YO2LOJ

On 2016-07-30 16:55, Miroslav Nikolov wrote: INTERNET-> TP-LINK wr841n(with Openwrt) -> Mikrotik (2.9.27 /in its settings no problem/) -> Debian (ampr-ripd gateway)

_________________________________________ 44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net

-------------------------------------

ПП: Ако имаш идеи за сайт, виж какво предлагат СуперХостинг.БГ. Това лято имат отстъпка за нови хостинг планове. http://www.superhosting.bg/promo/summer?utm_source=MailBG&utm_medium=foo...

Thanks Marius,

I add only this rules:

iptables -t nat -A PREROUTING -i eth1 -p 4 -j DNAT --to 192.168.1.2

my wan interface is eth1

and all is ok

Bye, Miro LZ4NY

----- Цитат от Marius Petrescu (marius@yo2loj.ro), на 31.07.2016 в 00:47 ----- (Please trim inclusions from previous messages) _______________________________________________ You need to specify for which incoming interfaces you want DNAT, else you will get outgoing encap traffic sent back to the gateway instead of the internet:

Let's assume eth0 is WAN:

iptables -t nat -A PREROUTING -i eth0 -p 4 -j DNAT --to 192.168.1.2

Marius, YO2LOJ

On 2016-07-30 21:05, Miroslav Nikolov wrote: (Please trim inclusions from previous messages) _______________________________________________

I asked only that rule but once you enable the connection of the gate to the entire network 44 stops, stops and ping. Probably something missing but I can not remember what it was.

_________________________________________ 44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net

-------------------------------------

P.S. Спри да търсиш в мрежата как се прави онлайн магазин. Започни да продаваш веднага с Shopiko. Тествай го безплатно 14 дни. https://www.superhosting.bg/web-hosting-compare-shop-plans.php?utm_source=Ma...