[Berlin-wireless] Routingproblem zwischen privaten Netz (LAN) und WRT
DL7VWH
DL7VWH
Do Okt 26 11:33:56 CEST 2006
Liebe Freifunker,
ich suche nach einer Lösung zwischen 2 Netzbereichen eine Verbindung
herzustellen.
Das Problem dabei ist, dass vom Router initiiert keine Antwort von der
Netzwerkkarte erfolgt.
Der Router hat die IP 192.168.153.1
Die Netzkarte die 192.168.153.10
kann mir jemand helfen, bitte welcher Eintrag in die IPtables erforderlich
(oder was anderweitig wrong) ist
MfG & herzlichen Dank im voraus
DL7VWH (Wolfgang)
anbei zur Illustrierung pingantwort, routing tabellenauszug und iptables
root at DL7VWH1:~# ping 192.168.153.10
--- 192.168.153.10 ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root at DL7VWH1:~# route
[Install freifunk-openwrt-compat for /sbin/route]
+ exec ip route
104.13.3.241 via 104.140.100.5 dev eth1 metric 9
......
104.13.0.20 via 104.140.100.5 dev eth1 metric 8
104.13.0.17 via 104.140.100.5 dev eth1 metric 8
192.168.153.0/24 dev br0 proto kernel scope link src 192.168.153.1
104.0.0.0/8 dev eth1 proto kernel scope link src 104.140.100.1
default via 104.140.100.5 dev eth1 metric 3
root at DL7VWH1:~# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -f anywhere anywhere
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
DROP tcp -- anywhere anywhere tcp
option=!2 flags:SYN/SYN
input_rule all -- anywhere anywhere
LAN_ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
REJECT tcp -- anywhere anywhere reject-with
tcp-reset
REJECT all -- anywhere anywhere reject-with
icmp-port-unreachable
ACCEPT tcp -- anywhere anywhere tcp dpt:22
ACCEPT tcp -- anywhere anywhere tcp dpt:80
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
LOG all -- anywhere anywhere LOG level
warning prefix `WAN:'
DROP all -- anywhere anywhere
ACCEPT udp -- anywhere 255.255.255.255 udp spt:68
dpt:67
ACCEPT udp -- anywhere 255.255.255.255 udp spt:68
dpt:67
ipfilter all -- anywhere anywhere
ACCEPT udp -- !192.168.153.0/24 anywhere udp spt:698
dpt:698
ACCEPT all -- 192.168.153.0/24 DL7VWH1.olsr
ACCEPT all -- 192.168.153.0/24 192.168.153.1
LOG all -- anywhere anywhere LOG level
warning prefix `IN:'
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
TCPMSS tcp -- anywhere anywhere tcp
flags:SYN,RST/SYN TCPMSS clamp to PMTU
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
forwarding_rule all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- 192.168.153.0/24 !192.168.153.0/24 state
NEW,RELATED,ESTABLISHED
LOG all -- anywhere anywhere LOG level
warning prefix `WAN:'
DROP all -- anywhere anywhere
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- !192.168.153.0/24 192.168.153.0/24 state
RELATED,ESTABLISHED
LOG all -- anywhere 192.168.153.0/24 LOG level
warning prefix `WAN:'
DROP all -- anywhere 192.168.153.0/24
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- net-olsr.dl7vwh.de/8 !net-olsr.dl7vwh.de/8 state
NEW,RELATED,ESTABLISHED
LOG all -- anywhere anywhere LOG level
warning prefix `WAN:'
DROP all -- anywhere anywhere
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- !net-olsr.dl7vwh.de/8 net-olsr.dl7vwh.de/8 state
RELATED,ESTABLISHED
LOG all -- anywhere net-olsr.dl7vwh.de/8 LOG level
warning prefix `WAN:'
DROP all -- anywhere net-olsr.dl7vwh.de/8
ipfilter all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT udp -- anywhere 255.255.255.255 udp spt:68
dpt:67
ACCEPT udp -- anywhere 255.255.255.255 udp spt:68
dpt:67
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state
NEW,RELATED,ESTABLISHED
LOG all -- anywhere anywhere LOG level
warning prefix `FW:'
DROP all -- anywhere anywhere
Chain LAN_ACCEPT (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
output_rule all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere reject-with
tcp-reset
REJECT all -- anywhere anywhere reject-with
icmp-port-unreachable
ACCEPT all -- anywhere anywhere
ipfilter all -- anywhere anywhere
ACCEPT all -- DL7VWH1.olsr 192.168.153.0/24
ACCEPT all -- 192.168.153.1 192.168.153.0/24
LOG all -- anywhere anywhere LOG level
warning prefix `OUT:'
DROP all -- anywhere anywhere
Chain forwarding_rule (1 references)
target prot opt source destination
Chain input_rule (1 references)
target prot opt source destination
Chain ipfilter (3 references)
target prot opt source destination
ACCEPT all -- 127.0.0.0/8 127.0.0.0/8
ACCEPT all -- 192.168.153.1 192.168.153.1
ACCEPT all -- DL7VWH1.olsr DL7VWH1.olsr
ACCEPT all -- 192.168.153.0/24 192.168.153.0/24
LOG all -- 127.0.0.0/8 anywhere LOG level
warning
DROP all -- 127.0.0.0/8 anywhere
LOG all -- 192.168.153.0/24 anywhere LOG level
warning
DROP all -- 192.168.153.0/24 anywhere
ACCEPT all -- anywhere net-olsr.dl7vwh.de/8
ACCEPT all -- 127.0.0.0/8 127.0.0.0/8
ACCEPT all -- 192.168.153.1 192.168.153.1
ACCEPT all -- DL7VWH1.olsr DL7VWH1.olsr
ACCEPT all -- 192.168.153.0/24 192.168.153.0/24
LOG all -- anywhere 127.0.0.0/8 LOG level
warning
DROP all -- anywhere 127.0.0.0/8
LOG all -- anywhere 192.168.153.0/24 LOG level
warning
DROP all -- anywhere 192.168.153.0/24
ACCEPT all -- net-olsr.dl7vwh.de/8 anywhere
--
Diese Mail ist digital unterschrieben und bestätigt durch CAcert
Das erforderliche Wurzelzertifikat bekommen Sie hier:
https://www.cacert.org/index.php?id=3
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname : smime.p7s
Dateityp : application/x-pkcs7-signature
Dateigröße : 4838 bytes
Beschreibung: S/MIME Cryptographic Signature
URL : http://lists.olsrexperiment.de/cgi-bin/mailman/private/berlin/attachments/20061026/687cc26f/attachment.bin
-------------- nächster Teil --------------
_______________________________________________
Berlin mailing list
Berlin at olsrexperiment.de
https://www.olsrexperiment.de/cgi-bin/mailman/listinfo/berlin
Mehr Informationen über die Mailingliste Berlin