internet node settings
Dave
On Thu, Aug 12, 2010 at 4:26 PM, David Beaumont <[email protected]> wrote:
> Here are the settings on the mesh node, will include internet node in next
> post
>
> Thank you for taking the time to try and work though this with me.
>
> On Thu, Aug 12, 2010 at 4:19 PM, Marek Lindner <[email protected]> wrote:
>> On Thursday 12 August 2010 15:14:08 David Beaumont wrote:
>>> I have removed the extra ip addresses that where not needed and tried
>>> to simplify a few other things, however i am still in the same
>>> position where i can ping but not transfer.
>>>
>>> Can anybody see anything wrong with my NAT rules that could be causing
>>> this?
>>
>> Would you mind posting your new settings ?
>>
>>
>> Regards,
>> Marek
>>
>
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
145 19828 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
1 52 syn_flood tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x17/0x02
1025 88330 input_rule all -- * * 0.0.0.0/0 0.0.0.0/0
1025 88330 input all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
311 25862 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
285 23909 forwarding_rule all -- * * 0.0.0.0/0
0.0.0.0/0
285 23909 forward all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
241 24588 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
51 3364 output_rule all -- * * 0.0.0.0/0 0.0.0.0/0
51 3364 output all -- * * 0.0.0.0/0 0.0.0.0/0
Chain forward (1 references)
pkts bytes target prot opt in out source destination
285 23909 zone_lan_forward all -- br-lan * 0.0.0.0/0
0.0.0.0/0
0 0 zone_wan_forward all -- eth1 * 0.0.0.0/0
0.0.0.0/0
Chain forwarding_lan (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_rule (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_wan (1 references)
pkts bytes target prot opt in out source destination
Chain input (1 references)
pkts bytes target prot opt in out source destination
95 5919 zone_lan all -- br-lan * 0.0.0.0/0 0.0.0.0/0
930 82411 zone_wan all -- eth1 * 0.0.0.0/0 0.0.0.0/0
Chain input_lan (1 references)
pkts bytes target prot opt in out source destination
Chain input_rule (1 references)
pkts bytes target prot opt in out source destination
Chain input_wan (1 references)
pkts bytes target prot opt in out source destination
Chain output (1 references)
pkts bytes target prot opt in out source destination
51 3364 zone_lan_ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
48 2660 zone_wan_ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain output_rule (1 references)
pkts bytes target prot opt in out source destination
Chain reject (4 references)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
Chain syn_flood (1 references)
pkts bytes target prot opt in out source destination
1 52 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x17/0x02 limit: avg 25/sec burst 50
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain zone_lan (1 references)
pkts bytes target prot opt in out source destination
95 5919 input_lan all -- * * 0.0.0.0/0 0.0.0.0/0
95 5919 zone_lan_ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain zone_lan_ACCEPT (3 references)
pkts bytes target prot opt in out source destination
380 29828 ACCEPT all -- br-lan * 0.0.0.0/0 0.0.0.0/0
3 704 ACCEPT all -- * br-lan 0.0.0.0/0 0.0.0.0/0
Chain zone_lan_DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- br-lan * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * br-lan 0.0.0.0/0 0.0.0.0/0
Chain zone_lan_MSSFIX (0 references)
pkts bytes target prot opt in out source destination
0 0 TCPMSS tcp -- * br-lan 0.0.0.0/0 0.0.0.0/0
tcp flags:0x06/0x02 TCPMSS clamp to PMTU
Chain zone_lan_REJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- br-lan * 0.0.0.0/0 0.0.0.0/0
0 0 reject all -- * br-lan 0.0.0.0/0 0.0.0.0/0
Chain zone_lan_forward (1 references)
pkts bytes target prot opt in out source destination
285 23909 forwarding_lan all -- * * 0.0.0.0/0
0.0.0.0/0
285 23909 zone_lan_ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain zone_wan (1 references)
pkts bytes target prot opt in out source destination
930 82411 input_wan all -- * * 0.0.0.0/0 0.0.0.0/0
930 82411 zone_wan_ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain zone_wan_ACCEPT (3 references)
pkts bytes target prot opt in out source destination
930 82411 ACCEPT all -- eth1 * 0.0.0.0/0 0.0.0.0/0
48 2660 ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0
Chain zone_wan_DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * eth1 0.0.0.0/0 0.0.0.0/0
Chain zone_wan_MSSFIX (0 references)
pkts bytes target prot opt in out source destination
0 0 TCPMSS tcp -- * eth1 0.0.0.0/0 0.0.0.0/0
tcp flags:0x06/0x02 TCPMSS clamp to PMTU
Chain zone_wan_REJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 reject all -- * eth1 0.0.0.0/0 0.0.0.0/0
Chain zone_wan_forward (1 references)
pkts bytes target prot opt in out source destination
0 0 forwarding_wan all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 zone_wan_ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
zone_wan_prerouting all -- anywhere anywhere
zone_lan_prerouting all -- anywhere anywhere
prerouting_rule all -- anywhere anywhere
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
postrouting_rule all -- anywhere anywhere
zone_wan_nat all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain postrouting_rule (1 references)
target prot opt source destination
Chain prerouting_lan (1 references)
target prot opt source destination
Chain prerouting_rule (1 references)
target prot opt source destination
Chain prerouting_wan (1 references)
target prot opt source destination
Chain zone_lan_nat (0 references)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
Chain zone_lan_prerouting (1 references)
target prot opt source destination
prerouting_lan all -- anywhere anywhere
Chain zone_wan_nat (1 references)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
Chain zone_wan_prerouting (1 references)
target prot opt source destination
prerouting_wan all -- anywhere anywhere
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth1
ath0
bridge name bridge id STP enabled interfaces
br-lan 8000.000db9190e98 no bat0
eth0
ath0 Link encap:Ethernet HWaddr 00:0C:42:3A:75:A2
UP BROADCAST RUNNING MULTICAST MTU:1524 Metric:1
RX packets:23704 errors:0 dropped:12 overruns:0 frame:0
TX packets:11831 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:964278 (941.6 KiB) TX bytes:568445 (555.1 KiB)
bat0 Link encap:Ethernet HWaddr 00:FF:7A:EC:B9:54
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:513 errors:0 dropped:0 overruns:0 frame:0
TX packets:503 errors:0 dropped:1 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:41892 (40.9 KiB) TX bytes:46343 (45.2 KiB)
br-lan Link encap:Ethernet HWaddr 00:0D:B9:19:0E:98
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:513 errors:0 dropped:0 overruns:0 frame:0
TX packets:504 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:34710 (33.8 KiB) TX bytes:46745 (45.6 KiB)
eth0 Link encap:Ethernet HWaddr 00:0D:B9:19:0E:98
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:10 Base address:0xa000
eth1 Link encap:Ethernet HWaddr 00:0D:B9:19:0E:99
inet addr:192.168.0.117 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1870 errors:0 dropped:0 overruns:0 frame:0
TX packets:606 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:176445 (172.3 KiB) TX bytes:53822 (52.5 KiB)
Interrupt:15 Base address:0x4000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
wifi0 Link encap:UNSPEC HWaddr
00-0C-42-3A-75-A2-00-00-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:66684 errors:0 dropped:0 overruns:0 frame:0
TX packets:11831 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:195
RX bytes:5486567 (5.2 MiB) TX bytes:828727 (809.3 KiB)
Interrupt:9