I have removed the extra ip addresses that where not needed and tried to simplify a few other things, however i am still in the same position where i can ping but not transfer.
Can anybody see anything wrong with my NAT rules that could be causing this? On Thu, Aug 12, 2010 at 2:41 PM, David Beaumont <[email protected]> wrote: > It does appear that i have got somewhat confused with my ip ranges and > addresses, let me try and clear that up now as ath0 and bat0 certainly > doesn't need an ip address. > > Sorry for my oversight on this, i've gotten myself in a bit of a mess > trying to resolve this by the looks of things. > > Ah, sorry i missed the nat information here it is > > mesh_ > > Chain PREROUTING (policy ACCEPT) > target prot opt source destination > > Chain POSTROUTING (policy ACCEPT) > target prot opt source destination > MASQUERADE all -- anywhere anywhere > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > Chain luci_splash_leases (1 references) > target prot opt source destination > REDIRECT tcp -- anywhere anywhere tcp > dpt:80 redir ports 8082 > DROP all -- anywhere anywhere > > Chain luci_splash_portal (0 references) > target prot opt source destination > RETURN udp -- anywhere anywhere udp > dpts:33434:33523 > RETURN icmp -- anywhere anywhere > RETURN udp -- anywhere anywhere udp dpt:53 > luci_splash_leases all -- anywhere anywhere > > Chain luci_splash_prerouting (0 references) > target prot opt source destination > > Chain natfix_ath0 (0 references) > target prot opt source destination > ACCEPT all -- 10.0.0.0/8 10.0.0.0/8 > > Chain natfix_br-lan (0 references) > target prot opt source destination > ACCEPT all -- 10.2.4.0/24 10.2.4.0/24 > > Chain natfix_br-wan (0 references) > target prot opt source destination > ACCEPT all -- 192.168.1.0/24 192.168.1.0/24 > > > net_ > > Chain PREROUTING (policy ACCEPT) > target prot opt source destination > zone_wan_prerouting all -- anywhere anywhere > zone_lan_prerouting all -- anywhere anywhere > prerouting_rule all -- anywhere anywhere > > Chain POSTROUTING (policy ACCEPT) > target prot opt source destination > postrouting_rule all -- anywhere anywhere > zone_wan_nat all -- anywhere anywhere > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > Chain postrouting_rule (1 references) > target prot opt source destination > > Chain prerouting_lan (1 references) > target prot opt source destination > > Chain prerouting_rule (1 references) > target prot opt source destination > > Chain prerouting_wan (1 references) > target prot opt source destination > > Chain zone_lan_nat (0 references) > target prot opt source destination > MASQUERADE all -- anywhere anywhere > > Chain zone_lan_prerouting (1 references) > target prot opt source destination > prerouting_lan all -- anywhere anywhere > > Chain zone_wan_nat (1 references) > target prot opt source destination > MASQUERADE all -- anywhere anywhere > > Chain zone_wan_prerouting (1 references) > target prot opt source destination > prerouting_wan all -- anywhere anywhere > > > > On Thu, Aug 12, 2010 at 2:29 PM, Sven Eckelmann <[email protected]> wrote: >> David Beaumont wrote: >>> Hopefully attachments come though ok? >>> >>> net_ is from the router connected to the internet >>> mesh_ is the other side of the mesh >> >> to the mesh thing: >> >> * Why has ath0 an IP... which also conflicts with the ip range of bat0 and >> br-lan? >> >> * Why has bat0 an ip when it is part of br-wan. >> >> * Why has the ath0 device iptables entries? >> >> to the net thing: >> >> * why has bat0 an ip when it is part of br-lan? >> >> >> Why don't I see masquerade anywhere in the iptables output (-t nat)? >> >> Best regards, >> Sven >> >
