<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Na was ist denn hier los,</p>
<p>ganzschön ruhig seit Donnerstag.</p>
<p>Dann will ich mal mein Problemchen in die Community werfen:</p>
<p>Seit einem Stromausfall leitet mein Freifunkrouter keine Pakete
mehr an die Clients weiter.</p>
<p>Bis zum Router flutscht alles. Nur wenn ich per SSH einen
dynamischen Port auf dem Router öffne und diesen auf dem Client
als SOCKS-Proxy angebe fließen die Pakete auch bis zum Client. Ich
würde mal die IPtables verdächtigen, auf dem Gebiet kenn ich mich
allerdings noch recht schlecht aus.</p>
<p>Kurz zum Setup: TL-WR1043ND verbunden per Lanmesh mit CPE510 auf
dem Dach, die am BBB hängt.<br>
</p>
<p>Für Hilfe bin ich immer dankbar.</p>
<p>LG Basti</p>
<p><br>
</p>
<blockquote>
<p><font size="-1">[root] ~> iptables -L<br>
Chain INPUT (policy ACCEPT)<br>
target prot opt source destination <br>
delegate_input all -- anywhere
anywhere <br>
<br>
Chain FORWARD (policy ACCEPT)<br>
target prot opt source destination <br>
delegate_forward all -- anywhere
anywhere <br>
<br>
Chain OUTPUT (policy ACCEPT)<br>
target prot opt source destination <br>
delegate_output all -- anywhere
anywhere <br>
<br>
Chain delegate_forward (1 references)<br>
target prot opt source destination <br>
forwarding_rule all -- anywhere
anywhere /* user chain for forwarding */<br>
ACCEPT all -- anywhere anywhere
ctstate RELATED,ESTABLISHED<br>
zone_wan_forward all -- anywhere
anywhere <br>
zone_freifunk_forward all -- anywhere
anywhere <br>
zone_freifunk_forward all -- anywhere
anywhere <br>
zone_freifunk_forward all -- anywhere
anywhere <br>
zone_freifunk_forward all -- anywhere
anywhere <br>
zone_freifunk_forward all -- anywhere
anywhere <br>
reject all -- anywhere anywhere <br>
<br>
Chain delegate_input (1 references)<br>
target prot opt source destination <br>
ACCEPT all -- anywhere anywhere <br>
input_rule all -- anywhere anywhere
/* user chain for input */<br>
ACCEPT all -- anywhere anywhere
ctstate RELATED,ESTABLISHED<br>
syn_flood tcp -- anywhere anywhere
tcp flags:FIN,SYN,RST,ACK/SYN<br>
zone_wan_input all -- anywhere
anywhere <br>
zone_freifunk_input all -- anywhere
anywhere <br>
zone_freifunk_input all -- anywhere
anywhere <br>
zone_freifunk_input all -- anywhere
anywhere <br>
zone_freifunk_input all -- anywhere
anywhere <br>
zone_freifunk_input all -- anywhere
anywhere <br>
<br>
Chain delegate_output (1 references)<br>
target prot opt source destination <br>
ACCEPT all -- anywhere anywhere <br>
output_rule all -- anywhere
anywhere /* user chain for output */<br>
ACCEPT all -- anywhere anywhere
ctstate RELATED,ESTABLISHED<br>
zone_wan_output all -- anywhere
anywhere <br>
zone_freifunk_output all -- anywhere
anywhere <br>
zone_freifunk_output all -- anywhere
anywhere <br>
zone_freifunk_output all -- anywhere
anywhere <br>
zone_freifunk_output all -- anywhere
anywhere <br>
zone_freifunk_output all -- anywhere
anywhere <br>
<br>
Chain forwarding_freifunk_rule (1 references)<br>
target prot opt source destination <br>
<br>
Chain forwarding_rule (1 references)<br>
target prot opt source destination <br>
<br>
Chain forwarding_wan_rule (1 references)<br>
target prot opt source destination <br>
<br>
Chain input_freifunk_rule (1 references)<br>
target prot opt source destination <br>
<br>
Chain input_rule (1 references)<br>
target prot opt source destination <br>
<br>
Chain input_wan_rule (1 references)<br>
target prot opt source destination <br>
<br>
Chain output_freifunk_rule (1 references)<br>
target prot opt source destination <br>
<br>
Chain output_rule (1 references)<br>
target prot opt source destination <br>
<br>
Chain output_wan_rule (1 references)<br>
target prot opt source destination <br>
<br>
Chain reject (2 references)<br>
target prot opt source destination <br>
REJECT tcp -- anywhere anywhere
reject-with tcp-reset<br>
REJECT all -- anywhere anywhere
reject-with icmp-port-unreachable<br>
<br>
Chain syn_flood (1 references)<br>
target prot opt source destination <br>
RETURN tcp -- anywhere anywhere
tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50<br>
DROP all -- anywhere anywhere <br>
<br>
Chain zone_freifunk_dest_ACCEPT (4 references)<br>
target prot opt source destination <br>
ACCEPT all -- anywhere anywhere <br>
ACCEPT all -- anywhere anywhere <br>
ACCEPT all -- anywhere anywhere <br>
ACCEPT all -- anywhere anywhere <br>
ACCEPT all -- anywhere anywhere <br>
<br>
Chain zone_freifunk_forward (5 references)<br>
target prot opt source destination <br>
forwarding_freifunk_rule all -- anywhere
anywhere /* user chain for forwarding */<br>
zone_freifunk_dest_ACCEPT all -- anywhere
anywhere /* forwarding freifunk -> freifunk */<br>
ACCEPT all -- anywhere anywhere
ctstate DNAT /* Accept port forwards */<br>
zone_freifunk_dest_ACCEPT all -- anywhere
anywhere <br>
<br>
Chain zone_freifunk_input (5 references)<br>
target prot opt source destination <br>
input_freifunk_rule all -- anywhere
anywhere /* user chain for input */<br>
ACCEPT icmp -- anywhere anywhere
/* @rule[5] */<br>
ACCEPT tcp -- anywhere anywhere
tcp dpt:www /* @rule[6] */<br>
ACCEPT tcp -- anywhere anywhere
tcp dpt:https /* @rule[7] */<br>
ACCEPT tcp -- anywhere anywhere
tcp dpt:ssh /* @rule[8] */<br>
ACCEPT all -- anywhere anywhere
ctstate DNAT /* Accept port redirections */<br>
zone_freifunk_src_ACCEPT all -- anywhere
anywhere <br>
<br>
Chain zone_freifunk_output (5 references)<br>
target prot opt source destination <br>
output_freifunk_rule all -- anywhere
anywhere /* user chain for output */<br>
zone_freifunk_dest_ACCEPT all -- anywhere
anywhere <br>
<br>
Chain zone_freifunk_src_ACCEPT (1 references)<br>
target prot opt source destination <br>
ACCEPT all -- anywhere anywhere <br>
ACCEPT all -- anywhere anywhere <br>
ACCEPT all -- anywhere anywhere <br>
ACCEPT all -- anywhere anywhere <br>
ACCEPT all -- anywhere anywhere <br>
<br>
Chain zone_wan_dest_ACCEPT (1 references)<br>
target prot opt source destination <br>
ACCEPT all -- anywhere anywhere <br>
<br>
Chain zone_wan_dest_REJECT (1 references)<br>
target prot opt source destination <br>
reject all -- anywhere anywhere <br>
<br>
Chain zone_wan_forward (1 references)<br>
target prot opt source destination <br>
forwarding_wan_rule all -- anywhere
anywhere /* user chain for forwarding */<br>
zone_freifunk_dest_ACCEPT all -- anywhere
anywhere /* forwarding wan -> freifunk */<br>
ACCEPT all -- anywhere anywhere
ctstate DNAT /* Accept port forwards */<br>
zone_wan_dest_REJECT all -- anywhere
anywhere <br>
<br>
Chain zone_wan_input (1 references)<br>
target prot opt source destination <br>
input_wan_rule all -- anywhere
anywhere /* user chain for input */<br>
ACCEPT udp -- anywhere anywhere
udp dpt:bootpc /* Allow-DHCP-Renew */<br>
ACCEPT icmp -- anywhere anywhere
icmp echo-request /* Allow-Ping */<br>
ACCEPT all -- anywhere anywhere
ctstate DNAT /* Accept port redirections */<br>
zone_wan_src_ACCEPT all -- anywhere
anywhere <br>
<br>
Chain zone_wan_output (1 references)<br>
target prot opt source destination <br>
output_wan_rule all -- anywhere
anywhere /* user chain for output */<br>
zone_wan_dest_ACCEPT all -- anywhere
anywhere <br>
<br>
Chain zone_wan_src_ACCEPT (1 references)<br>
target prot opt source destination <br>
ACCEPT all -- anywhere anywhere </font><br>
</p>
</blockquote>
</body>
</html>