Network2/Experiments/OpenWRT: Difference between revisions
< Network2 | Experiments
Jump to navigation
Jump to search
m (New page: Installed OpenWRT. Found that I could no longer ping my IP address from crank. Examined firewall: iptables -t mangle -L Good, no mangling. iptables -t nat -L Some NAT, but just a c...) |
mNo edit summary |
||
Line 1: | Line 1: | ||
{{Network2 header}} |
|||
Installed OpenWRT. |
Installed OpenWRT. |
||
Revision as of 17:46, 9 January 2010
Installed OpenWRT.
Found that I could no longer ping my IP address from crank.
Examined firewall:
iptables -t mangle -L
Good, no mangling.
iptables -t nat -L
Some NAT, but just a couple of MASQUERADE rules.
iptables -t filter -L
Lots of filtering. In more detail:
iptables -t filter -L INPUT
Some complicated chains:
- syn_flood rate-limits TCP connection control packets.
- input_rule is empty
- input has subchains for zone_wan and zone_lan.
- zone_lan accepts everything.
- zone_wan rejects everything not accepted by input_wan.
Okay, let's add an accept rule to input_wan:
iptables -t filter -A input_wan -p icmp -j ACCEPT