I have removed the extra ip addresses that where not needed and tried
to simplify a few other things, however i am still in the same
position where i can ping but not transfer.

Can anybody see anything wrong with my NAT rules that could be causing this?

On Thu, Aug 12, 2010 at 2:41 PM, David Beaumont <[email protected]> wrote:
> It does appear that i have got somewhat confused with my ip ranges and
> addresses, let me try and clear that up now as ath0 and bat0 certainly
> doesn't need an ip address.
>
> Sorry for my oversight on this, i've gotten myself in a bit of a mess
> trying to resolve this by the looks of things.
>
> Ah, sorry i missed the nat information here it is
>
> mesh_
>
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
>
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
> MASQUERADE  all  --  anywhere             anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain luci_splash_leases (1 references)
> target     prot opt source               destination
> REDIRECT   tcp  --  anywhere             anywhere            tcp
> dpt:80 redir ports 8082
> DROP       all  --  anywhere             anywhere
>
> Chain luci_splash_portal (0 references)
> target     prot opt source               destination
> RETURN     udp  --  anywhere             anywhere            udp
> dpts:33434:33523
> RETURN     icmp --  anywhere             anywhere
> RETURN     udp  --  anywhere             anywhere            udp dpt:53
> luci_splash_leases  all  --  anywhere             anywhere
>
> Chain luci_splash_prerouting (0 references)
> target     prot opt source               destination
>
> Chain natfix_ath0 (0 references)
> target     prot opt source               destination
> ACCEPT     all  --  10.0.0.0/8           10.0.0.0/8
>
> Chain natfix_br-lan (0 references)
> target     prot opt source               destination
> ACCEPT     all  --  10.2.4.0/24          10.2.4.0/24
>
> Chain natfix_br-wan (0 references)
> target     prot opt source               destination
> ACCEPT     all  --  192.168.1.0/24       192.168.1.0/24
>
>
> net_
>
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> zone_wan_prerouting  all  --  anywhere             anywhere
> zone_lan_prerouting  all  --  anywhere             anywhere
> prerouting_rule  all  --  anywhere             anywhere
>
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
> postrouting_rule  all  --  anywhere             anywhere
> zone_wan_nat  all  --  anywhere             anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain postrouting_rule (1 references)
> target     prot opt source               destination
>
> Chain prerouting_lan (1 references)
> target     prot opt source               destination
>
> Chain prerouting_rule (1 references)
> target     prot opt source               destination
>
> Chain prerouting_wan (1 references)
> target     prot opt source               destination
>
> Chain zone_lan_nat (0 references)
> target     prot opt source               destination
> MASQUERADE  all  --  anywhere             anywhere
>
> Chain zone_lan_prerouting (1 references)
> target     prot opt source               destination
> prerouting_lan  all  --  anywhere             anywhere
>
> Chain zone_wan_nat (1 references)
> target     prot opt source               destination
> MASQUERADE  all  --  anywhere             anywhere
>
> Chain zone_wan_prerouting (1 references)
> target     prot opt source               destination
> prerouting_wan  all  --  anywhere             anywhere
>
>
>
> On Thu, Aug 12, 2010 at 2:29 PM, Sven Eckelmann <[email protected]> wrote:
>> David Beaumont wrote:
>>> Hopefully attachments come though ok?
>>>
>>> net_ is from the router connected to the internet
>>> mesh_ is the other side of the mesh
>>
>> to the mesh thing:
>>
>>  * Why has ath0 an IP... which also conflicts with the ip range of bat0 and
>>   br-lan?
>>
>>  * Why has bat0 an ip when it is part of br-wan.
>>
>>  * Why has the ath0 device iptables entries?
>>
>> to the net thing:
>>
>>  * why has bat0 an ip when it is part of br-lan?
>>
>>
>> Why don't I see masquerade anywhere in the iptables output (-t nat)?
>>
>> Best regards,
>>        Sven
>>
>

Reply via email to