[Wifidog] OpenWRT
Philippe April
isf_lists at philippeapril.com
Wed Feb 2 10:44:27 EST 2005
I haven't checked yet, but just to add a little more info, you know we
can put whatever we want in nvram, so if you have installed the
"sveasoft" firmware at some point in time (which was putting a LOT of
"stuff" in the nvram for its web interface and other stuff), it could be
coming from there.
I have not been able to find anything about that variable anywhere but
two links on google.
But you know, I have setup quite a few routers for Ile sans Fil so far
and I've never had this issue.
On Wed, Feb 02, 2005 at 01:28:34AM -0500, Thomas Guyot-Sionnest wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> It was the latest at that moment, and I think it was the same problem
> with your firmware...
>
> There's 3 files atached:
>
> 1.: Original NVRAM settings obtained with a ping hack with the router
> working with pppoe. Most, if not all settings, remains unchanged.
>
> 2.: Original, unworking, S45firewall.
>
> 3.: Current, working, S45firewall.
>
> and finally:
>
> root at OpenWrt:~# uname -a
> Linux OpenWrt 2.4.20 #1 Fri Jan 7 04:14:38 EST 2005 mips unknown
>
>
> See for yourself
>
> Thomas
>
> Philippe April wrote:
> |> I found out later with a vanilla OpenWrt that $WAN init variable (in
> |> S45firewall) is set from the wrong NVRAM variable and that was the
> |> cause...
> |>
> |> WAN=$(nvram get wan_ifname)
> |>
> |> should be:
> |>
> |> WAN=$(nvram get wan_iface)
> |
> |
> | wan_iface does not exist on my router at home, nor on the cafe's routers.
> |
> | Do you have a recent version of openwrt?
> |
> | We want to get rid of the need for the "ExternalInterface" in wifidog
> | eventually because it needs to be right in order for wifidog to work
> | properly (design issue which is not REALLY needed) and it's been causing
> | trouble lately, it's hard to detect it.
> |
> | Philippe April
> |
> |
> |
> | ------------------------------------------------------------------------
> |
> | _______________________________________________
> | Wifidog mailing list
> | Wifidog at isf.waglo.com
> | http://isf.waglo.com/mailman/listinfo/wifidog_isf.waglo.com
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFCAHMS6dZ+Kt5BchYRAmwkAKDD9ofp5oGnb88xEB5Qg7NQv7cbrACgwBf0
> XcQuilDopDd3vSZ7aMmYnv4=
> =97HT
> -----END PGP SIGNATURE-----
> wl_radius_port=1812
> wl_mac_deny=
> filter_dport_grp3=
> filter_dport_grp4=
> filter_dport_grp5=
> filter=off
> wan_unit=0
> wl_ap_ssid=
> wl0_net_mode=mixed
> filter_dport_grp6=
> os_ram_addr=80001000
> filter_dport_grp7=
> wl0_frameburst=off
> filter_dport_grp8=
> filter_dport_grp9=
> ddns_username_2=
> log_ipaddr=0
> boardrev=0x10
> il0macaddr=00:90:4c:5f:00:2a
> ppp_idletime=5
> ppp_passwd=tyoawy
> ddns_enable=1
> et0macaddr=00:0F:66:90:F8:EC
> skip_intel_check=0
> qos_appport1=0
> wl0_wep_buf=
> ddns_hostname_buf=dermoth.dyndns.org
> d11g_mode=2
> wan_get_dns=206.123.6.11 206.123.6.10
> qos_appport2=0
> boot_wait=on
> watchdog=5000
> qos_appport3=0
> wl0_macmode1=disabled
> wl_phytypes=
> filter_web_host1=
> wl0_infra=1
> filter_web_host2=
> action_service_arg1=
> wl0_country_code=AU
> filter_web_host3=
> fw_disable=0
> et0mdcport=0
> router_name=WRT54G
> pppoe_keepalive=0
> filter_web_host4=
> filter_web_host5=
> Intel_firmware_version=v1.41.8
> filter_web_host6=
> https_enable=0
> wl0_ap_ssid=
> wl_infra=1
> filter_web_host7=
> filter_web_host8=
> l2tp_get_ip=
> filter_web_host9=
> pptp_server_ip=
> ppp_get_ac=bas5-montreal02
> pmon_ver=CFE 3.51.21.0
> restore_defaults=0
> wan_run_mtu=1492
> ppp_username=dermoth at aei.ca
> wan_lease=0
> filter_port=
> ddns_enable_buf=1
> d11g_dtim=1
> ddns_hostname=dermoth.dyndns.org
> wl_radius_ipaddr=
> http_wanport=8080
> filter_ip_grp1=
> filter_ip_grp2=
> wl0_ifname=eth1
> filter_ip_grp3=
> dr_lan_rx=0
> filter_ip_grp4=
> lan_domain=
> filter_ip_grp5=
> timer_interval=3600
> filter_ip_grp6=
> gpio2=adm_eecs
> forward_port0=6881-6881>192.168.1.101:6881-6881,tcp,on,Azureus UPnP 6881
> pppoe_ac=
> filter_ip_grp7=
> filter_rule1=
> gpio3=adm_eesk
> forward_port1=6881-6881>192.168.1.101:6881-6881,udp,on,Azureus UPnP 6881
> hb_server_ip=
> ipsec_pass=1
> filter_ip_grp8=
> filter_rule2=
> qos_devmac1=00:00:00:00:00:00
> forward_port2=6970-6970>192.168.1.100:6970-6970,udp,on,Azureus UPnP 6970
> filter_ip_grp9=
> filter_rule3=
> gpio5=adm_eedi
> vlan0ports=1 2 3 4 5*
> qos_devmac2=00:00:00:00:00:00
> forward_port3=6882-6882>192.168.1.100:6882-6882,tcp,on,Azureus UPnP 6882
> filter_rule4=
> gpio6=adm_rc
> filter_rule5=
> forward_port4=6882-6882>192.168.1.100:6882-6882,udp,on,Azureus UPnP 6882
> forward_port5=6970-6970>192.168.1.100:6970-6970,tcp,on,Azureus UPnP 6970
> filter_ip_grp10=
> filter_rule6=
> wl0_mrate=0
> wl0_mode=ap
> filter_rule7=
> wan_gateway=66.36.128.1
> forward_port6=62419-62419>192.168.1.101:4670-4670,tcp,on,msnmsgr (192.168.1.101:4670) 62419 TCP
> dhcp_start=100
> filter_rule8=
> forward_port7=6969-6969>192.168.1.101:6969-6969,tcp,on,Azureus UPnP 6969
> filter_rule9=
> wl0_ap_isolate=0
> ident_pass=0
> eou_configured=1
> wl_mrate=0
> os_flash_addr=bfc40000
> l2tp_server_ip=
> wl0_gmode=2
> dhcp_lease=0
> sromrev=2
> qos_devpri1=0
> qos_devpri2=0
> boardtype=0x0101
> wl_active_add_mac=0
> is_default=1
> wl_gmode=2
> ping_ip=;*/n${IFS}show>tmp/ping.log
> stats_server=
> static_route=
> d11g_rate=0
> wl0_wep_last=
> lan_netmask=255.255.255.0
> dmz_enable=1
> wl0_dtim=1
> wl0_ssid=testap.ilesansfil.org
> http_username=
> eou_key_index=0
> port_trigger=
> manual_rate=0
> filter_web_host10=
> qos_devname1=
> os_date=Aug 3 2004
> qos_devname2=
> http_lanport=80
> wl_plcphdr=long
> filter_mac_grp1=
> wl_macmode=disabled
> ppp_service=
> ppp_redialperiod=30
> filter_mac_grp2=
> filter_mac_grp3=
> wan_domain=
> wan_hwname=
> wl0_key1=289FB8DE4C
> wl_phytype=g
> filter_mac_grp4=
> wan_netmask=255.255.255.255
> lan_lease=86400
> wl0id=0x4320
> wl0_key2=D37AB992BB
> pppoe_static_ip=
> filter_mac_grp5=
> wl_lazywds=1
> wl0_key3=D9A309F67F
> filter_mac_grp6=
> sel_qossmtp=0
> wl0_key4=E3EAAE8783
> filter_mac_grp7=
> sel_qospop3=0
> filter_mac_grp8=
> filter_client0=
> filter_mac_grp9=
> filter_maclist=
> pptp_pass=1
> pptp_get_ip=
> wl_auth_mode=disabled
> ppp_demand=0
> mtu_enable=1
> ppp_keepalive=0
> block_activex=0
> d11g_rts=2347
> remote_mgt_https=0
> wl_wpa_psk=
> http_passwd=cognac
> ag0=255
> block_wan=0
> lan_stp=0
> skip_amd_check=0
> wl_mode=ap
> wl0_plcphdr=long
> wl0_rate=0
> wl0_closed=0
> wl_wpa_gtk_rekey=3600
> d11g_rateset=default
> wl0_macmode=disabled
> wl0_radioids=BCM2050
> wl0_phytype=g
> wl0gpio2=0
> sel_qoshttp=0
> dr_wan_rx=0
> filter_tod_buf1=
> wl0_lazywds=1
> wl0gpio3=0
> block_proxy=0
> filter_tod_buf2=
> filter_tod_buf3=
> filter_tod_buf4=
> boardflags2=0
> port_rate_limit_1=0
> filter_tod_buf5=
> port_rate_limit_2=0
> http_client_ip=192.168.1.100
> dr_lan_tx=0
> filter_tod_buf6=
> wl0_afterburner=off
> port_rate_limit_3=0
> wl0_antdiv=-1
> filter_tod_buf7=
> filter_tod10=
> lan_hwaddr=00:0F:66:90:F8:EC
> port_rate_limit_4=0
> filter_tod_buf8=
> wan_dns=
> http_client_mac=00:50:BA:3F:CA:B9
> filter_tod_buf9=
> action_service=
> wl_dtim=1
> wl_ssid=testap.ilesansfil.org
> wl0_wpa_psk=
> d11g_bcn=100
> web_wl_filter=0
> wl0_mac_list=
> wl_passphrase=cognac
> daylight_time=1
> flash_type=Intel 28F320C3 2Mx16 BotB
> security_mode=wep
> dhcp_wins=wan
> bcm4712_firmware_version=v1.50.0
> multicast_pass=1
> filter_tod_buf10=
> os_server=
> pppoe_static=0
> hb_server_domain=
> wl_key1=289FB8DE4C
> wan_proto=pppoe
> wl_key2=D37AB992BB
> wl0_unit=0
> wl_key3=D9A309F67F
> wl_country_code=AU
> wl_key4=E3EAAE8783
> wl_hwaddr=
> ddns_cache=149,66.36.143.218
> aol_block_traffic1=0
> static_route_name=
> aol_block_traffic2=0
> sel_qostelnet=0
> wl_active_mac=
> wl_net_mode=g-only
> pa0itssit=62
> forward_port=
> d11g_frag=2346
> sel_qosport1=0
> wl0_wds=
> filter_mac_grp10=
> sel_qosport2=0
> wl_rate=0
> ppp_static_ip=
> sel_qosport3=0
> block_java=0
> log_level=2
> cctl=0
> ntp_server=
> ct_modules=
> wan_hwaddr=00:0F:66:90:F8:ED
> lan_ifnames=vlan0 eth1 eth2 eth3
> wl_macmode1=disabled
> pppoe_ifname=
> wl0_mac_deny=
> wl0_radius_port=1812
> wl0_auth=0
> wl0_radius_ipaddr=
> pppoe_service=
> wl_country=Worldwide
> pa0maxpwr=0x48
> traceroute_ip=
> ddns_change=
> remote_management=0
> wan_ifnames=vlan1
> block_loopback=0
> wl_rateset=default
> wl_crypto=tkip
> wl_wep_bit=64
> ppp_mru=1500
> wl_radius_key=
> filter_port_grp1=
> lan_proto=dhcp
> os_name=linux
> clkfreq=200
> lan_ipaddr=192.168.1.1
> QoS=0
> filter_port_grp2=
> vlan1hwname=et0
> aa0=3
> ddns_passwd_2=
> filter_port_grp10=
> filter_port_grp3=
> dr_wan_tx=0
> wl_unit=0
> filter_port_grp4=
> filter_id=1
> wl0_phytypes=g
> firmware_version=v2.04.4
> filter_port_grp5=
> wl0_frag=2346
> d11g_channel=6
> wl0_wep=enabled
> filter_port_grp6=
> router_disable=0
> ddns_username=dermoth
> filter_port_grp7=
> ddns_passwd=tyoawy
> pppoe_passwd=tyoawy
> filter_port_grp8=
> filter_port_grp9=
> ppp_ac=
> log_enable=1
> sdram_config=0x0032
> filter_web_url10=
> wl0_country=Worldwide
> sel_qosftp=0
> dmz_ipaddr=100
> vlan1ports=0 5
> security_mode_last=
> wl_wds=
> ddns_hostname_2=
> scratch=a0180000
> filter_summary=0
> ccode=0
> wl0_rateset=default
> wl0_wep_bit=64
> pppoe_idletime=5
> port_flow_control_1=1
> ping_times=5
> port_flow_control_2=1
> wan_primary=1
> lan_ifname=br0
> port_flow_control_3=1
> filter_services=$NAME:003:DNS$PROT:003:udp$PORT:005:53:53< >$NAME:004:Ping$PROT:004:icmp$PORT:003:0:0< >$NAME:004:HTTP$PROT:003:tcp$PORT:005:80:80< >$NAME:005:HTTPS$PROT:003:tcp$PORT:007:443:443< >$NAME:003:FTP$PROT:003:tcp$PORT:005
> 21:21< >$NAME:004:POP3$PROT:003:tcp$PORT:007:110:110< >$NAME:004:IMAP$PROT:003:tcp$PORT:007:143:143< >$NAME:004:SMTP$PROT:003:tcp$PORT:005:25:25< >$NAME:004:NNTP$PROT:003:tcp$PORT:007:119:119< >$NAME:006:Telnet$PROT:003:tcp$POR
> :005:23:23< >$NAME:004:SNMP$PROT:003:udp$PORT:007:161:161< >$NAME:004:TFTP$PROT:003:udp$PORT:005:69:69< >$NAME:003:IKE$PROT:003:udp$PORT:007:500:500< >
> boardflags=0x0188
> port_flow_control_4=1
> sdram_refresh=0x0000
> dhcp_domain=wan
> wl_auth=0
> wl_wep_last=
> sdram_ncdl=0x20520
> wan_gateway_buf=0.0.0.0
> block_cookie=0
> wl_frameburst=off
> ezc_enable=1
> wan_iface=ppp0
> upnp_wan_proto=
> is_modified=0
> dhcp_num=50
> filter_web_url1=
> wan_ipaddr=66.36.143.218
> wan_ipaddr_buf=66.36.129.230
> wl0_passphrase=
> filter_web_url2=
> filter_web_url3=
> wl0_rts=2347
> filter_web_url4=
> filter_web_url5=
> wl_ifname=
> filter_web_url6=
> wan_wins=0.0.0.0
> ntp_mode=auto
> wl_wep=enabled
> filter_web_url7=
> http_enable=1
> l2tp_pass=1
> filter_web_url8=
> pppoe_username=dermoth at aei.ca
> filter_web_url9=
> os_version=3.61.13.0
> wl_gmode_protection=off
> qos_appname1=
> wl0_wpa_gtk_rekey=3600
> qos_appname2=
> mac_clone_enable=0
> ppp_get_srv=
> qos_appname3=
> wl_frag=2346
> wan_mtu=1492
> wl_wep_gen=cognac:289FB8DE4C:D37AB992BB:D9A309F67F:E3EAAE8783:1
> wl0_key=1
> wl0_active_mac=
> wl_maclist=
> filter_macmode=deny
> rate_mode=1
> console_loglevel=1
> et0phyaddr=30
> time_zone=-05 2 1
> wan_ifname=vlan1
> wl_radioids=
> wan_hostname=
> wl0_radio=1
> wl_corerev=
> ppp_mtu=1500
> ddns_interval=60
> wl_channel=6
> wl0_bcn=100
> port_priority_1=0
> wl_radio=1
> ppp_static=0
> filter_tod1=
> wl0_hwaddr=00:0F:66:90:F8:EE
> wl_afterburner=off
> port_priority_2=0
> filter_tod2=
> port_priority_3=0
> filter_tod3=
> port_priority_4=0
> wl0_wep_gen=
> filter_tod4=
> ezc_version=2
> ddns_passwd_buf=tyoawy
> wk_mode=gateway
> wl0_gmode_protection=off
> filter_tod5=
> pa0b0=0x170c
> wl0_maclist=
> filter_tod6=
> pa0b1=0xfa24
> eou_expired_hour=72
> filter_tod7=
> pa0b2=0xfe70
> wl_rts=2347
> filter_tod8=
> sdram_init=0x0000
> filter_tod9=
> lan_wins=
> aol_block_traffic=0
> vlan0hwname=et0
> wl_ap_isolate=0
> wl_mac_list=
> lan_hwnames=
> dl_ram_addr=a0001000
> pppoe_demand=0
> wl0_radius_key=
> filter_dport_grp10=
> ddns_username_buf=dermoth
> wl0_corerev=7
> wl_key=1
> wl0_channel=6
> dr_setting=0
> upnp_enable=1
> ddns_status=1
> filter_rule10=
> wl0_auth_mode=disabled
> wl_closed=0
> boot_ver=v2.3
> autofw_port0=
> boardnum=42
> wl0_crypto=tkip
> def_hwaddr=00:00:00:00:00:00
> wl0_ap_ip=
> wl_bcn=100
> wl_wep_buf=cognac:289FB8DE4C:D37AB992BB:D9A309F67F:E3EAAE8783:1
> filter_dport_grp1=
> wl_ap_ip=
> wl_antdiv=-1
> filter_dport_grp2=
> #!/bin/sh
> . /etc/functions.sh
>
> WAN=$(nvram get wan_ifname)
>
> IPT=/usr/sbin/iptables
>
> for T in filter nat mangle ; do
> $IPT -t $T -F
> $IPT -t $T -X
> done
>
> $IPT -t filter -A INPUT -m state --state INVALID -j DROP
> $IPT -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> $IPT -t filter -A INPUT -p icmp -j ACCEPT
> $IPT -t filter -A INPUT -i $WAN -p tcp -j REJECT --reject-with tcp-reset
> $IPT -t filter -A INPUT -i $WAN -j REJECT --reject-with icmp-port-unreachable
> $IPT -t filter -A FORWARD -m state --state INVALID -j DROP
> $IPT -t filter -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> $IPT -t filter -A FORWARD -i $WAN -m state --state NEW,INVALID -j DROP
> $IPT -t filter -A FORWARD -o $WAN -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
>
> $IPT -t nat -A POSTROUTING -o $WAN -j MASQUERADE
> #!/bin/sh
> . /etc/functions.sh
>
> WAN=$(nvram get wan_iface)
>
> IPT=/usr/sbin/iptables
>
> for T in filter nat mangle ; do
> $IPT -t $T -F
> $IPT -t $T -X
> done
>
> $IPT -t filter -A INPUT -m state --state INVALID -j DROP
> $IPT -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> $IPT -t filter -A INPUT -p icmp -j ACCEPT
> $IPT -t filter -A INPUT -i $WAN -p tcp -j REJECT --reject-with tcp-reset
> $IPT -t filter -A INPUT -i $WAN -j REJECT --reject-with icmp-port-unreachable
> $IPT -t filter -A FORWARD -m state --state INVALID -j DROP
> $IPT -t filter -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> $IPT -t filter -A FORWARD -i $WAN -m state --state NEW,INVALID -j DROP
> $IPT -t filter -A FORWARD -o $WAN -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
>
> $IPT -t nat -A POSTROUTING -o $WAN -j MASQUERADE
> _______________________________________________
> Wifidog mailing list
> Wifidog at isf.waglo.com
> http://isf.waglo.com/mailman/listinfo/wifidog_isf.waglo.com
--
Philippe April
GnuPG: http://key.philippeapril.com/
-------------- next part --------------
_______________________________________________
Wifidog mailing list
Wifidog at isf.waglo.com
http://isf.waglo.com/mailman/listinfo/wifidog_isf.waglo.com
More information about the Wifidog
mailing list