Network2/Experiments/OpenWRT: Difference between revisions

m (New page: Installed OpenWRT. Found that I could no longer ping my IP address from crank. Examined firewall: iptables -t mangle -L Good, no mangling. iptables -t nat -L Some NAT, but just a c...)
Line 1: Line 1:
{{Network2 header}}
Installed OpenWRT.
Installed OpenWRT.



Revision as of 17:46, 9 January 2010

Installed OpenWRT.

Found that I could no longer ping my IP address from crank.

Examined firewall:

iptables -t mangle -L

Good, no mangling.

iptables -t nat -L

Some NAT, but just a couple of MASQUERADE rules.

iptables -t filter -L

Lots of filtering. In more detail:

iptables -t filter -L INPUT

Some complicated chains:

  • syn_flood rate-limits TCP connection control packets.
  • input_rule is empty.
  • input has subchains for zone_wan and zone_lan.
  • zone_lan accepts everything.
  • zone_wan rejects everything not accepted by input_wan.

Okay, let's add an accept rule to input_wan:

iptables -t filter -A input_wan -p icmp -j ACCEPT
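
The rule above accepts every ICMP type arriving on the WAN side, while the stated goal is only to answer ping. The following is an added example, not part of the original page: it reviews a rule listing in `iptables -S` format for such broad ICMP accepts and prints an echo-request-only replacement. The function names `audit_icmp` and `suggest_fix` and the `SAMPLE_RULES` listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Reads rules in `iptables -S`
# format on stdin and reviews ICMP ACCEPT rules in one chain.
# audit_icmp, suggest_fix and SAMPLE_RULES are names made up for this example.

# Constructed sample: the chains described above, after the final command.
SAMPLE_RULES='-N input_wan
-N zone_wan
-A zone_wan -j input_wan
-A zone_wan -j reject
-A input_wan -p icmp -j ACCEPT'

# Print each ICMP ACCEPT rule in chain $1, tagged BROAD (every ICMP type)
# or NARROW (restricted with --icmp-type).
audit_icmp() {
    chain=$1
    while IFS= read -r rule; do
        case $rule in
            "-A $chain "*"-p icmp"*"-j ACCEPT"*) ;;
            *) continue ;;
        esac
        case $rule in
            *--icmp-type*) echo "NARROW: $rule" ;;
            *)             echo "BROAD: $rule" ;;
        esac
    done
}

# For each BROAD rule, print (do not run) the command that deletes it and a
# replacement that accepts only echo-request, which is all that ping needs.
suggest_fix() {
    chain=$1
    audit_icmp "$chain" | while IFS= read -r line; do
        case $line in
            "BROAD: "*)
                rule=${line#BROAD: }
                echo "iptables -t filter -D ${rule#-A }"
                echo "iptables -t filter -A $chain -p icmp --icmp-type echo-request -j ACCEPT"
                ;;
        esac
    done
}

# Offline run on the sample; on the router use: iptables -S | suggest_fix input_wan
printf '%s\n' "$SAMPLE_RULES" | suggest_fix input_wan
```

A rule appended with `iptables -A` lives only in the running ruleset, so it is gone after a reboot or when the firewall is reloaded; to keep it, it has to go into OpenWrt's firewall configuration.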