Teraz mi się przypomniało, że kiedyś chyba usuwałem jakieś pakiety z ipv6.
Pytanie czy jeśli zrobię upgrade do najnowszej wersji luci - http://dl.eko.one.pl/luci/openwrt-18.06 … pgrade.tar
Upgrade bez zachowania ustawień to czy zostaną przywrócone ewentualnie te pakiety który wywaliłem?
Nie jesteś zalogowany. Proszę się zalogować lub zarejestrować.
Opcje wyszukiwania (Strona 4 z 7)
eko.one.pl → Posty przez artur5236
Znalezione posty: 76 do 100 z 173
76 2019-02-18 09:15:27
Odp: ipv6 na Wan (21 odpowiedzi, napisanych Oprogramowanie / Software)
77 2019-02-18 08:38:29
Odp: ipv6 na Wan (21 odpowiedzi, napisanych Oprogramowanie / Software)
Tak, wiem, że wan6 jest od ipv6. Dzisiaj jeszcze raz to przesprawdzam.
Tak się zastanawiam jakie realne korzyści będę miał z tego ipv6 i czy nie lepiej poprosić upc o przełączenie na ipv4. Na razie chciałbym potestować.
Właściwie to jak podłączyłem modem bezpośrednio do laptopa to dostałem 2 adresy, jeden ipv4, drugi ipv6.
78 2019-02-17 14:02:31
Temat: ipv6 na Wan (21 odpowiedzi, napisanych Oprogramowanie / Software)
Cześć,
Mam internet z UPS, gdzie jest włączone ipv6 i podłączając kabel do laptopa dostaję adres ipv6.
Mam router Xiaomi 3g i wpiąłem do wanu kabel od modemu upc ale nie dostałem adresu ipv6. Ustawienia mam domyślne na dhcp. Trzeba gdzieś dodatkowo włączyć ipv6. Widzę interfejs wan i wan6
79 2019-01-27 12:40:28
Odp: Firewall - problem z regułą na blokadę wan (16 odpowiedzi, napisanych Oprogramowanie / Software)
Ale skucha, faktycznie.
Dzięki za pomoc Cezary
80 2019-01-27 12:13:29
Odp: Firewall - problem z regułą na blokadę wan (16 odpowiedzi, napisanych Oprogramowanie / Software)
root@OpenWrt:~# iptables -v -L
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
34 3954 ACCEPT all -- lo any anywhere anywhere /* !fw3 */
1936 260K input_rule all -- any any anywhere anywhere /* !fw3: user chain for input */
1192 200K ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
60 2656 syn_flood tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN /* !fw3 */
502 35689 zone_lan_input all -- br-lan any anywhere anywhere /* !fw3 */
83 5072 zone_wan_input all -- eth0.2 any anywhere anywhere /* !fw3 */
27 1877 zone_vpn_input all -- tun0 any anywhere anywhere /* !fw3 */
132 17266 zone_vlan7_input all -- eth0.7 any anywhere anywhere /* !fw3 */
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
240K 228M forwarding_rule all -- any any anywhere anywhere /* !fw3: user chain for forwarding */
239K 228M ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
744 93954 zone_vpn_dest_ACCEPT all -- any any anywhere anywhere /* !fw3: forwarding * -> vpn */
741 93639 zone_vlan7_dest_ACCEPT all -- any any anywhere anywhere /* !fw3: forwarding * -> vlan7 */
724 90339 zone_lan_dest_ACCEPT all -- any any anywhere anywhere /* !fw3: forwarding * -> lan */
537 80619 zone_vlan7_dest_ACCEPT all -- any any anywhere anywhere /* !fw3: forwarding * -> vlan7 */
537 80619 zone_vpn_dest_ACCEPT all -- any any anywhere anywhere /* !fw3: forwarding * -> vpn */
537 80619 zone_lan_forward all -- br-lan any anywhere anywhere /* !fw3 */
0 0 zone_wan_forward all -- eth0.2 any anywhere anywhere /* !fw3 */
0 0 zone_vpn_forward all -- tun0 any anywhere anywhere /* !fw3 */
0 0 zone_vlan7_forward all -- eth0.7 any anywhere anywhere /* !fw3 */
0 0 reject all -- any any anywhere anywhere /* !fw3 */
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
34 3954 ACCEPT all -- any lo anywhere anywhere /* !fw3 */
1499 208K output_rule all -- any any anywhere anywhere /* !fw3: user chain for output */
912 167K ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
0 0 zone_lan_output all -- any br-lan anywhere anywhere /* !fw3 */
557 37573 zone_wan_output all -- any eth0.2 anywhere anywhere /* !fw3 */
0 0 zone_vpn_output all -- any tun0 anywhere anywhere /* !fw3 */
30 2850 zone_vlan7_output all -- any eth0.7 anywhere anywhere /* !fw3 */
Chain forwarding_lan_rule (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_rule (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- ppp+ any anywhere anywhere
0 0 ACCEPT all -- any ppp+ anywhere anywhere
Chain forwarding_vlan7_rule (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_vpn_rule (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_wan_rule (1 references)
pkts bytes target prot opt in out source destination
Chain input_lan_rule (1 references)
pkts bytes target prot opt in out source destination
Chain input_rule (1 references)
pkts bytes target prot opt in out source destination
Chain input_vlan7_rule (1 references)
pkts bytes target prot opt in out source destination
Chain input_vpn_rule (1 references)
pkts bytes target prot opt in out source destination
Chain input_wan_rule (1 references)
pkts bytes target prot opt in out source destination
Chain output_lan_rule (1 references)
pkts bytes target prot opt in out source destination
Chain output_rule (1 references)
pkts bytes target prot opt in out source destination
Chain output_vlan7_rule (1 references)
pkts bytes target prot opt in out source destination
Chain output_vpn_rule (1 references)
pkts bytes target prot opt in out source destination
Chain output_wan_rule (1 references)
pkts bytes target prot opt in out source destination
Chain reject (3 references)
pkts bytes target prot opt in out source destination
62 2724 REJECT tcp -- any any anywhere anywhere /* !fw3 */ reject-with tcp-reset
20 2306 REJECT all -- any any anywhere anywhere /* !fw3 */ reject-with icmp-port-unreachable
Chain syn_flood (1 references)
pkts bytes target prot opt in out source destination
60 2656 RETURN tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50 /* !fw3 */
0 0 DROP all -- any any anywhere anywhere /* !fw3 */
Chain zone_lan_dest_ACCEPT (8 references)
pkts bytes target prot opt in out source destination
187 9720 ACCEPT all -- any br-lan anywhere anywhere /* !fw3 */
Chain zone_lan_forward (1 references)
pkts bytes target prot opt in out source destination
537 80619 forwarding_lan_rule all -- any any anywhere anywhere /* !fw3: user chain for forwarding */
0 0 zone_wan_dest_REJECT tcp -- any any WIN10-ELM001.lan anywhere /* !fw3: reject-test-lan */
0 0 zone_wan_dest_REJECT udp -- any any WIN10-ELM001.lan anywhere /* !fw3: reject-test-lan */
537 80619 zone_wan_dest_ACCEPT all -- any any anywhere anywhere /* !fw3: forwarding lan -> wan */
0 0 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
0 0 zone_lan_dest_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_lan_input (1 references)
pkts bytes target prot opt in out source destination
502 35689 input_lan_rule all -- any any anywhere anywhere /* !fw3: user chain for input */
0 0 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
502 35689 zone_lan_src_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_lan_output (1 references)
pkts bytes target prot opt in out source destination
0 0 output_lan_rule all -- any any anywhere anywhere /* !fw3: user chain for output */
0 0 zone_lan_dest_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_lan_src_ACCEPT (1 references)
pkts bytes target prot opt in out source destination
502 35689 ACCEPT all -- br-lan any anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */
Chain zone_vlan7_dest_ACCEPT (4 references)
pkts bytes target prot opt in out source destination
47 6150 ACCEPT all -- any eth0.7 anywhere anywhere /* !fw3 */
Chain zone_vlan7_forward (1 references)
pkts bytes target prot opt in out source destination
0 0 forwarding_vlan7_rule all -- any any anywhere anywhere /* !fw3: user chain for forwarding */
0 0 zone_wan_dest_REJECT tcp -- any any anywhere anywhere /* !fw3: reject-vlan7-wan */
0 0 zone_wan_dest_REJECT udp -- any any anywhere anywhere /* !fw3: reject-vlan7-wan */
0 0 zone_wan_dest_ACCEPT all -- any any anywhere anywhere /* !fw3: forwarding vlan7 -> wan */
0 0 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
0 0 zone_vlan7_dest_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_vlan7_input (1 references)
pkts bytes target prot opt in out source destination
132 17266 input_vlan7_rule all -- any any anywhere anywhere /* !fw3: user chain for input */
0 0 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
132 17266 zone_vlan7_src_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_vlan7_output (1 references)
pkts bytes target prot opt in out source destination
30 2850 output_vlan7_rule all -- any any anywhere anywhere /* !fw3: user chain for output */
30 2850 zone_vlan7_dest_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_vlan7_src_ACCEPT (1 references)
pkts bytes target prot opt in out source destination
132 17266 ACCEPT all -- eth0.7 any anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */
Chain zone_vpn_dest_ACCEPT (4 references)
pkts bytes target prot opt in out source destination
3 315 ACCEPT all -- any tun0 anywhere anywhere /* !fw3 */
Chain zone_vpn_forward (1 references)
pkts bytes target prot opt in out source destination
0 0 forwarding_vpn_rule all -- any any anywhere anywhere /* !fw3: user chain for forwarding */
0 0 zone_wan_dest_ACCEPT all -- any any anywhere anywhere /* !fw3: forwarding vpn -> wan */
0 0 zone_lan_dest_ACCEPT all -- any any anywhere anywhere /* !fw3: forwarding vpn -> lan */
0 0 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
0 0 zone_vpn_dest_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_vpn_input (1 references)
pkts bytes target prot opt in out source destination
27 1877 input_vpn_rule all -- any any anywhere anywhere /* !fw3: user chain for input */
0 0 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
27 1877 zone_vpn_src_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_vpn_output (1 references)
pkts bytes target prot opt in out source destination
0 0 output_vpn_rule all -- any any anywhere anywhere /* !fw3: user chain for output */
0 0 zone_vpn_dest_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_vpn_src_ACCEPT (1 references)
pkts bytes target prot opt in out source destination
27 1877 ACCEPT all -- tun0 any anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */
Chain zone_wan_dest_ACCEPT (4 references)
pkts bytes target prot opt in out source destination
51 2148 DROP all -- any eth0.2 anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage */
1043 116K ACCEPT all -- any eth0.2 anywhere anywhere /* !fw3 */
Chain zone_wan_dest_REJECT (5 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- any eth0.2 anywhere anywhere /* !fw3 */
Chain zone_wan_forward (1 references)
pkts bytes target prot opt in out source destination
0 0 forwarding_wan_rule all -- any any anywhere anywhere /* !fw3: user chain for forwarding */
0 0 zone_lan_dest_ACCEPT esp -- any any anywhere anywhere /* !fw3: Allow-IPSec-ESP */
0 0 zone_lan_dest_ACCEPT udp -- any any anywhere anywhere udp dpt:isakmp /* !fw3: Allow-ISAKMP */
0 0 zone_lan_dest_ACCEPT tcp -- any any anywhere anywhere tcp dpt:1723 /* !fw3: @rule[10] */
0 0 zone_lan_dest_ACCEPT udp -- any any anywhere anywhere udp dpt:1723 /* !fw3: @rule[10] */
0 0 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
0 0 zone_wan_dest_REJECT all -- any any anywhere anywhere /* !fw3 */
Chain zone_wan_input (1 references)
pkts bytes target prot opt in out source destination
83 5072 input_wan_rule all -- any any anywhere anywhere /* !fw3: user chain for input */
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:bootpc /* !fw3: Allow-DHCP-Renew */
0 0 ACCEPT igmp -- any any anywhere anywhere /* !fw3: Allow-IGMP */
1 42 ACCEPT udp -- any any anywhere anywhere udp dpt:5236 /* !fw3: OpenVPN */
0 0 ACCEPT all -- any any anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
82 5030 zone_wan_src_REJECT all -- any any anywhere anywhere /* !fw3 */
Chain zone_wan_output (1 references)
pkts bytes target prot opt in out source destination
557 37573 output_wan_rule all -- any any anywhere anywhere /* !fw3: user chain for output */
557 37573 zone_wan_dest_ACCEPT all -- any any anywhere anywhere /* !fw3 */
Chain zone_wan_src_REJECT (1 references)
pkts bytes target prot opt in out source destination
82 5030 reject all -- eth0.2 any anywhere anywhere /* !fw3 */81 2019-01-27 11:46:55
Odp: Firewall - problem z regułą na blokadę wan (16 odpowiedzi, napisanych Oprogramowanie / Software)
Proszę:
Mam zrobioną oprócz lanu (192.168.5.0/24), dodatkowo podsieć 192.168.10.0/24 na vlan7
root@OpenWrt:~# uci show network
network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fdef:c78e:e737::/48'
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth0.1'
network.lan.proto='static'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.lan.ipaddr='192.168.5.1'
network.lan_dev=device
network.lan_dev.name='eth0.1'
network.lan_dev.macaddr='78:11:dc:42:b5:f8'
network.wan=interface
network.wan.ifname='eth0.2'
network.wan._orig_ifname='eth0.2'
network.wan._orig_bridge='false'
network.wan.proto='static'
network.wan.ipaddr='192.168.0.9'
network.wan.netmask='255.255.255.0'
network.wan.gateway='192.168.0.1'
network.wan.dns='62.179.1.62 62.179.1.63'
network.vlan7=interface
network.vlan7.proto='static'
network.vlan7.netmask='255.255.255.0'
network.vlan7.ifname='eth0.7'
network.vlan7.ipaddr='192.168.10.1'
network.wan6=interface
network.wan6.ifname='eth0.2'
network.wan6.proto='dhcpv6'
network.@switch[0]=switch
network.@switch[0].name='switch0'
network.@switch[0].reset='1'
network.@switch[0].enable_vlan='1'
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device='switch0'
network.@switch_vlan[0].vlan='1'
network.@switch_vlan[0].ports='2 3 6t'
network.@switch_vlan[1]=switch_vlan
network.@switch_vlan[1].device='switch0'
network.@switch_vlan[1].vlan='2'
network.@switch_vlan[1].ports='1 6t'
network.@switch_vlan[2]=switch_vlan
network.@switch_vlan[2].device='switch0'
network.@switch_vlan[2].vlan='7'
network.@switch_vlan[2].ports='2t 6t'
network.vpn=interface
network.vpn.ifname='tun0'
network.vpn.proto='none'82 2019-01-27 11:39:12
Odp: Firewall - problem z regułą na blokadę wan (16 odpowiedzi, napisanych Oprogramowanie / Software)
Zainstalowałem tcpdump na routerze.
Odpaliłem na hoście 192.168.5.108 ping na 8.8.8.8 i jak widać tcpdump wychwycił ten ruch:
Tak 'wan' mam 
config interface 'wan'
option ifname 'eth0.2'
option _orig_ifname 'eth0.2'
option _orig_bridge 'false'
option proto 'static'
option ipaddr '192.168.0.9'
option netmask '255.255.255.0'
option gateway '192.168.0.1'
option dns '62.179.1.62 62.179.1.63'83 2019-01-27 11:21:17
Odp: Firewall - problem z regułą na blokadę wan (16 odpowiedzi, napisanych Oprogramowanie / Software)
Tak, robiłem. Inne zmiany się zapisują, reguła dopisuje się do iptables ale ruchu nie blokuje.
84 2019-01-27 09:04:14
Odp: Firewall - problem z regułą na blokadę wan (16 odpowiedzi, napisanych Oprogramowanie / Software)
Zrobiłem również testowo regułę na blokadę jednego ip z lanu i tak samo nie działa.
config rule
option enabled '1'
option src 'lan'
option dest 'wan'
option name 'reject-test-lan'
option src_ip '192.168.5.108'
option target 'REJECT'Ktoś może podpowiedzieć o co chodzi?
85 2019-01-26 14:57:03
Odp: Firewall - problem z regułą na blokadę wan (16 odpowiedzi, napisanych Oprogramowanie / Software)
Docelowo, chciałbym aby z vlan7 dostęp do wanu miał tylko jeden host więc muszę zezwolić a następnie zablokować pozostałe hosty.
Sprawdziłem liczniki i jest 0 więc ruch w ogóle nie przechodzi przez tą regułę.
86 2019-01-24 18:32:13
Odp: Firewall - problem z regułą na blokadę wan (16 odpowiedzi, napisanych Oprogramowanie / Software)
Cezary miałem jeszcze to w etc/config/firewall
config forwarding
option scr 'vlan7'
option dest 'wan'I jak powyższe wywaliłem to wtedy ruch do wanu był niedostępny.
W iptables wygląda na to, że reguły się dodają
Chain zone_vlan7_dest_ACCEPT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_vlan7_forward (1 references)
target prot opt source destination
forwarding_vlan7_rule all -- anywhere anywhere /* !fw3: user chain for forwarding */
zone_wan_dest_REJECT tcp -- anywhere anywhere /* !fw3: reject-vlan7-wan */
zone_wan_dest_REJECT udp -- anywhere anywhere /* !fw3: reject-vlan7-wan */
ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
zone_vlan7_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_vlan7_input (1 references)
target prot opt source destination
input_vlan7_rule all -- anywhere anywhere /* !fw3: user chain for input */
ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
zone_vlan7_src_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_vlan7_output (1 references)
target prot opt source destination
output_vlan7_rule all -- anywhere anywhere /* !fw3: user chain for output */
zone_vlan7_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
Chain zone_vlan7_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */Mógłbym prosić jeszcze o informację, gdzie sprawdzić te liczniki?
87 2019-01-24 15:53:54
Temat: Firewall - problem z regułą na blokadę wan (16 odpowiedzi, napisanych Oprogramowanie / Software)
Cześć,
Mam dziwny problem związany z firewallem.
Dodałem regułę
config rule
option src 'vlan7'
option proto 'tcpudp'
option name 'reject-vlan7-wan'
option target 'REJECT'
option dest 'wan'config zone
option name 'vlan7'
option network 'vlan7'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'Chciałem zablokować dostęp do wanu z zony vlan7 i mimo powyższego wpisu w /etc/config/firewall nadal będąc w vlan7 mam dostęp do wanu.
Możecie podpowiedź jak zdiagnozować ten problem?
88 2019-01-22 11:35:19
Odp: Aktualizacja Xiaomi Mi Router 3G do najnowszego lede (2 odpowiedzi, napisanych Oprogramowanie / Software)
Dzięki za szybką odpowiedź, pewnie poczekam do końca miesiąca na nowe buildy.
89 2019-01-22 11:09:24
Temat: Aktualizacja Xiaomi Mi Router 3G do najnowszego lede (2 odpowiedzi, napisanych Oprogramowanie / Software)
Cześć,
Mam szybkie pytanie.
Obecnie posiadam na Xiaomi wersję LEDE Luci - OpenWrt SNAPSHOT r6022-175538f / LuCI Master (git-18.039.58622-76f9f5e)
Zamierzam zrobić upgrade do najnowszego firmware czyli https://dl.eko.one.pl/luci/openwrt-18.0 … pgrade.tar
Chciałbym zrobić upgrade z zachowaniem ustawień, a pytanie jest czy faktycznie te ustawienia zostaną zachowane. Ewentualnie jaka jest szansa, że coś pójdzie nie tak i będę musiał od nowa konfigurować?
90 2018-03-03 19:13:20
Odp: WDR 3600 LEDE LUCI i ZTE MF821 (7 odpowiedzi, napisanych Oprogramowanie / Software)
Czyli warto sprawdzić 3g i qmi i potestować co w mojej sytuacji będzie lepsze?
91 2018-03-03 16:34:59
Odp: WDR 3600 LEDE LUCI i ZTE MF821 (7 odpowiedzi, napisanych Oprogramowanie / Software)
Dzięki Cezary za odpowiedź.
W końcu zadziałało u mnie na takich ustawieniach, po prostu przełożyłem modem do drugiego portu USB w routerze i zaczęło śmigać.
config interface 'wan'
option proto '3g'
option apn 'internet'
option service 'umts_only'
option device '/dev/ttyUSB2'
option ipv6 'auto'Na Twoich ustawieniach czyli proto=qmi też oczywiście działa.
Podsumowując jaka jest różnica między tymi konfiguracjami. Domyślam się, że qmi będzie lepszym rozwiązaniem.
92 2018-03-03 14:37:34
Temat: WDR 3600 LEDE LUCI i ZTE MF821 (7 odpowiedzi, napisanych Oprogramowanie / Software)
Cześć,
Mam problem z nawiązaniem połączenia LTE w modemie ZTE MF821, który podłączony jest do portu USB w TP-LINKu WDR3600. Mam wgrane LEDE z LUCI. Wersja: LEDE Reboot 17.01-SNAPSHOT r3825-28483d4 / LuCI lede-17.01 branch (git-18.039.58469-1c94003)
Pierwszy pytanie to dlaczego w typach protokołu nie mam wyboru LTE, najwyżej co mogę ustawić to UMTS/GPRS/EV-DO. Jeśli wybiorę tę opcję to Internetu nie mam. Dioda na modemie świeci na czerwono a powinno na zielone. Zasięg LTE mam, bo wcześniej na wersji Gargoyle wszystko działało.
Tak mam ustawiony wan
config interface 'wan'
option proto '3g'
option device '/dev/ttyUSB2'
option apn 'internet'
option ipv6 'auto'logread
[ 0.000000] Linux version 4.4.112 (cezary@eko.one.pl) (gcc version 5.4.0 (LEDE GCC 5.4.0 r3785-ceea0ac) ) #0 Fri Jan 26 07:37:28 2018
[ 0.000000] MyLoader: sysp=d41aa8a5, boardp=3bb52003, parts=bd952718
[ 0.000000] bootconsole [early0] enabled
[ 0.000000] CPU0 revision is: 0001974c (MIPS 74Kc)
[ 0.000000] SoC: Atheros AR9344 rev 2
[ 0.000000] Determined physical RAM map:
[ 0.000000] memory: 08000000 @ 00000000 (usable)
[ 0.000000] Initrd not found or empty - disabling initrd
[ 0.000000] No valid device tree found, continuing without
[ 0.000000] Zone ranges:
[ 0.000000] Normal [mem 0x0000000000000000-0x0000000007ffffff]
[ 0.000000] Movable zone start for each node
[ 0.000000] Early memory node ranges
[ 0.000000] node 0: [mem 0x0000000000000000-0x0000000007ffffff]
[ 0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x0000000007ffffff]
[ 0.000000] On node 0 totalpages: 32768
[ 0.000000] free_area_init_node: node 0, pgdat 804384d0, node_mem_map 81000000
[ 0.000000] Normal zone: 256 pages used for memmap
[ 0.000000] Normal zone: 0 pages reserved
[ 0.000000] Normal zone: 32768 pages, LIFO batch:7
[ 0.000000] Primary instruction cache 64kB, VIPT, 4-way, linesize 32 bytes.
[ 0.000000] Primary data cache 32kB, 4-way, VIPT, cache aliases, linesize 32 bytes
[ 0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
[ 0.000000] pcpu-alloc: [0] 0
[ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 32512
[ 0.000000] Kernel command line: board=TL-WDR4300 console=ttyS0,115200 rootfstype=squashfs,jffs2 noinitrd
[ 0.000000] PID hash table entries: 512 (order: -1, 2048 bytes)
[ 0.000000] Dentry cache hash table entries: 16384 (order: 4, 65536 bytes)
[ 0.000000] Inode-cache hash table entries: 8192 (order: 3, 32768 bytes)
[ 0.000000] Writing ErrCtl register=00000000
[ 0.000000] Readback ErrCtl register=00000000
[ 0.000000] Memory: 124944K/131072K available (3122K kernel code, 162K rwdata, 780K rodata, 280K init, 205K bss, 6128K reserved, 0K cma-reserved)
[ 0.000000] SLUB: HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[ 0.000000] NR_IRQS:51
[ 0.000000] Clocks: CPU:560.000MHz, DDR:450.000MHz, AHB:225.000MHz, Ref:40.000MHz
[ 0.000000] clocksource: MIPS: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 6825930166 ns
[ 0.000009] sched_clock: 32 bits at 280MHz, resolution 3ns, wraps every 7669584382ns
[ 0.008299] Calibrating delay loop... 278.93 BogoMIPS (lpj=1394688)
[ 0.081137] pid_max: default: 32768 minimum: 301
[ 0.086177] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes)
[ 0.093230] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes)
[ 0.103194] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[ 0.113722] futex hash table entries: 256 (order: -1, 3072 bytes)
[ 0.121416] NET: Registered protocol family 16
[ 0.127602] MIPS: machine is TP-LINK TL-WDR3600/4300/4310
[ 0.136705] registering PCI controller with io_map_base unset
[ 0.370109] PCI host bridge to bus 0000:00
[ 0.374482] pci_bus 0000:00: root bus resource [mem 0x10000000-0x13ffffff]
[ 0.381843] pci_bus 0000:00: root bus resource [io 0x0000]
[ 0.387772] pci_bus 0000:00: root bus resource [??? 0x00000000 flags 0x0]
[ 0.395004] pci_bus 0000:00: No busn resource found for root bus, will use [bus 00-ff]
[ 0.403476] pci 0000:00:00.0: [168c:0033] type 00 class 0x028000
[ 0.403508] pci 0000:00:00.0: invalid calibration data
[ 0.409013] pci 0000:00:00.0: reg 0x10: [mem 0x00000000-0x0001ffff 64bit]
[ 0.409074] pci 0000:00:00.0: reg 0x30: [mem 0x00000000-0x0000ffff pref]
[ 0.409144] pci 0000:00:00.0: supports D1
[ 0.409161] pci 0000:00:00.0: PME# supported from D0 D1 D3hot
[ 0.409392] pci_bus 0000:00: busn_res: [bus 00-ff] end is updated to 00
[ 0.409427] pci 0000:00:00.0: BAR 0: assigned [mem 0x10000000-0x1001ffff 64bit]
[ 0.417222] pci 0000:00:00.0: BAR 6: assigned [mem 0x10020000-0x1002ffff pref]
[ 0.424942] pci 0000:00:00.0: using irq 40 for pin 1
[ 0.431090] clocksource: Switched to clocksource MIPS
[ 0.437815] NET: Registered protocol family 2
[ 0.443371] TCP established hash table entries: 1024 (order: 0, 4096 bytes)
[ 0.450802] TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
[ 0.457614] TCP: Hash tables configured (established 1024 bind 1024)
[ 0.464463] UDP hash table entries: 256 (order: 0, 4096 bytes)
[ 0.470687] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
[ 0.477670] NET: Registered protocol family 1
[ 0.482441] PCI: CLS 0 bytes, default 32
[ 0.487053] Crashlog allocated RAM at address 0x3f00000
[ 0.507281] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[ 0.513548] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
[ 0.526526] io scheduler noop registered
[ 0.530709] io scheduler deadline registered (default)
[ 0.536487] Serial: 8250/16550 driver, 16 ports, IRQ sharing enabled
[ 0.546011] console [ttyS0] disabled
[ 0.569889] serial8250.0: ttyS0 at MMIO 0x18020000 (irq = 11, base_baud = 2500000) is a 16550A
[ 0.579085] console [ttyS0] enabled
[ 0.586506] bootconsole [early0] disabled
[ 0.599928] m25p80 spi0.0: found s25fl064k, expected m25p80
[ 0.605650] m25p80 spi0.0: s25fl064k (8192 Kbytes)
[ 0.611629] 5 tp-link partitions found on MTD device spi0.0
[ 0.617286] Creating 5 MTD partitions on "spi0.0":
[ 0.622184] 0x000000000000-0x000000020000 : "u-boot"
[ 0.628616] 0x000000020000-0x00000016e4a8 : "kernel"
[ 0.635284] 0x00000016e4a8-0x0000007f0000 : "rootfs"
[ 0.641935] mtd: device 2 (rootfs) set to be root filesystem
[ 0.647707] 1 squashfs-split partitions found on MTD device rootfs
[ 0.654037] 0x000000600000-0x0000007f0000 : "rootfs_data"
[ 0.661144] 0x0000007f0000-0x000000800000 : "art"
[ 0.667527] 0x000000020000-0x0000007f0000 : "firmware"
[ 0.681781] switch0: Atheros AR8327 rev. 2 switch registered on ag71xx-mdio.0
[ 1.292945] libphy: ag71xx_mdio: probed
[ 1.882483] ag71xx ag71xx.0: connected to PHY at ag71xx-mdio.0:00 [uid=004dd033, driver=Atheros AR8216/AR8236/AR8316]
[ 1.893942] eth0: Atheros AG71xx at 0xb9000000, irq 4, mode:RGMII
[ 1.902524] NET: Registered protocol family 10
[ 1.910932] NET: Registered protocol family 17
[ 1.915580] bridge: automatic filtering via arp/ip/ip6tables has been deprecated. Update your scripts to load br_netfilter if you need this.
[ 1.928520] 8021q: 802.1Q VLAN Support v1.8
[ 1.934523] hctosys: unable to open rtc device (rtc0)
[ 1.944641] VFS: Mounted root (squashfs filesystem) readonly on device 31:2.
[ 1.953122] Freeing unused kernel memory: 280K
[ 3.029904] init: Console is alive
[ 3.033631] init: - watchdog -
[ 4.586495] kmodloader: loading kernel modules from /etc/modules-boot.d/*
[ 4.724185] usbcore: registered new interface driver usbfs
[ 4.729851] usbcore: registered new interface driver hub
[ 4.735381] usbcore: registered new device driver usb
[ 4.780413] SCSI subsystem initialized
[ 4.790626] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[ 4.798931] ehci-platform: EHCI generic platform driver
[ 4.804388] ehci-platform ehci-platform: EHCI Host Controller
[ 4.810269] ehci-platform ehci-platform: new USB bus registered, assigned bus number 1
[ 4.820413] ehci-platform ehci-platform: irq 3, io mem 0x1b000000
[ 4.841169] ehci-platform ehci-platform: USB 2.0 started, EHCI 1.00
[ 4.848471] hub 1-0:1.0: USB hub found
[ 4.852646] hub 1-0:1.0: 1 port detected
[ 4.861322] usbcore: registered new interface driver usb-storage
[ 4.868153] kmodloader: done loading kernel modules from /etc/modules-boot.d/*
[ 4.878238] init: - preinit -
[ 5.297330] usb 1-1: new high-speed USB device number 2 using ehci-platform
[ 5.602345] hub 1-1:1.0: USB hub found
[ 5.606697] hub 1-1:1.0: 4 ports detected
[ 5.630354] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[ 5.703182] random: procd: uninitialized urandom read (4 bytes read, 10 bits of entropy available)
[ 5.891112] usb 1-1.2: new high-speed USB device number 3 using ehci-platform
[ 6.006639] usb-storage 1-1.2:1.0: USB Mass Storage device detected
[ 6.013713] scsi host0: usb-storage 1-1.2:1.0
[ 6.882348] eth0: link up (1000Mbps/Full duplex)
[ 6.887116] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
[ 7.012807] scsi 0:0:0:0: CD-ROM L_T_E USB SCSI CD-ROM USB PQ: 0 ANSI: 0
[ 7.023304] scsi 0:0:0:1: Direct-Access ZTE MMC Storage 2.31 PQ: 0 ANSI: 0
[ 7.034116] sd 0:0:0:1: [sda] 7959552 512-byte logical blocks: (4.08 GB/3.79 GiB)
[ 7.042472] sd 0:0:0:1: [sda] Write Protect is off
[ 7.047350] sd 0:0:0:1: [sda] Mode Sense: 0f 0e 00 00
[ 7.047966] sd 0:0:0:1: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[ 7.063478] sda: sda1 sda2
[ 7.070845] sd 0:0:0:1: [sda] Attached SCSI removable disk
[ 8.834009] mount_root: loading kmods from internal overlay
[ 8.876908] kmodloader: loading kernel modules from //etc/modules-boot.d/*
[ 8.885805] kmodloader: done loading kernel modules from //etc/modules-boot.d/*
[ 9.153490] jffs2: notice: (463) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 9.169582] block: attempting to load /tmp/jffs_cfg/upper/etc/config/fstab
[ 9.182817] block: extroot: not configured
[ 9.227313] jffs2: notice: (460) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 9.402667] block: attempting to load /tmp/jffs_cfg/upper/etc/config/fstab
[ 9.415579] block: extroot: not configured
[ 9.420646] mount_root: switching to jffs2 overlay
[ 9.432526] urandom-seed: Seeding with /etc/urandom.seed
[ 9.562910] eth0: link down
[ 9.577733] procd: - early -
[ 9.580755] procd: - watchdog -
[ 10.164913] random: jshn: uninitialized urandom read (4 bytes read, 42 bits of entropy available)
[ 10.318830] procd: - watchdog -
[ 10.331468] procd: - ubus -
[ 10.482153] random: jshn: uninitialized urandom read (4 bytes read, 43 bits of entropy available)
[ 10.736168] random: jshn: uninitialized urandom read (4 bytes read, 43 bits of entropy available)
[ 10.745637] random: ubusd: uninitialized urandom read (4 bytes read, 43 bits of entropy available)
[ 10.761601] random: ubusd: uninitialized urandom read (4 bytes read, 43 bits of entropy available)
[ 10.770755] random: ubusd: uninitialized urandom read (4 bytes read, 43 bits of entropy available)
[ 10.786897] random: ubusd: uninitialized urandom read (4 bytes read, 43 bits of entropy available)
[ 10.796115] random: ubusd: uninitialized urandom read (4 bytes read, 43 bits of entropy available)
[ 10.805759] random: ubusd: uninitialized urandom read (4 bytes read, 43 bits of entropy available)
[ 10.815494] procd: - init -
[ 11.888946] sd 0:0:0:1: [sda] Synchronizing SCSI cache
[ 12.013223] kmodloader: loading kernel modules from /etc/modules.d/*
[ 12.061661] tun: Universal TUN/TAP device driver, 1.6
[ 12.066798] tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
[ 12.103364] ip6_tables: (C) 2000-2006 Netfilter Core Team
[ 12.139249] fuse init (API version 7.23)
[ 12.166833] usbcore: registered new interface driver cdc_acm
[ 12.172645] cdc_acm: USB Abstract Control Model driver for USB modems and ISDN adapters
[ 12.203438] usbcore: registered new interface driver cdc_wdm
[ 12.223365] Loading modules backported from Linux version wt-2017-01-31-0-ge882dff19e7f
[ 12.231537] Backport generated by backports.git backports-20160324-13-g24da7d3c
[ 12.252598] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 12.281212] nf_conntrack version 0.5.0 (1956 buckets, 7824 max)
[ 12.386735] usbcore: registered new interface driver usblp
[ 12.411674] usbcore: registered new interface driver usbserial
[ 12.417720] usbcore: registered new interface driver usbserial_generic
[ 12.424486] usbserial: USB Serial support registered for generic
[ 12.492220] xt_time: kernel timezone is -0000
[ 12.500993] usbcore: registered new interface driver cdc_ether
[ 12.521010] usbcore: registered new interface driver cdc_ncm
[ 12.592720] usbcore: registered new interface driver huawei_cdc_ncm
[ 12.719336] PPP generic driver version 2.4.2
[ 12.731154] NET: Registered protocol family 24
[ 12.742271] usbcore: registered new interface driver qmi_wwan
[ 12.763995] usbcore: registered new interface driver rndis_host
[ 12.783464] usbcore: registered new interface driver sierra
[ 12.789229] usbserial: USB Serial support registered for Sierra USB modem
[ 12.810162] usbcore: registered new interface driver sierra_net
[ 12.893446] usbcore: registered new interface driver cdc_mbim
[ 12.910931] usbcore: registered new interface driver option
[ 12.916759] usbserial: USB Serial support registered for GSM modem (1-port)
[ 12.946216] usbcore: registered new interface driver qcserial
[ 12.952229] usbserial: USB Serial support registered for Qualcomm USB modem
[ 13.001399] ath: EEPROM regdomain: 0x0
[ 13.001419] ath: EEPROM indicates default country code should be used
[ 13.001429] ath: doing EEPROM country->regdmn map search
[ 13.001450] ath: country maps to regdmn code: 0x3a
[ 13.001462] ath: Country alpha2 being used: US
[ 13.001471] ath: Regpair used: 0x3a
[ 13.013666] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
[ 13.018535] ieee80211 phy0: Atheros AR9340 Rev:2 mem=0xb8100000, irq=47
[ 13.025502] PCI: Enabling device 0000:00:00.0 (0000 -> 0002)
[ 13.036807] ath: EEPROM regdomain: 0x0
[ 13.036824] ath: EEPROM indicates default country code should be used
[ 13.036834] ath: doing EEPROM country->regdmn map search
[ 13.036855] ath: country maps to regdmn code: 0x3a
[ 13.036867] ath: Country alpha2 being used: US
[ 13.036877] ath: Regpair used: 0x3a
[ 13.046437] ieee80211 phy1: Selected rate control algorithm 'minstrel_ht'
[ 13.051420] ieee80211 phy1: Atheros AR9300 Rev:4 mem=0xb0000000, irq=40
[ 13.131491] kmodloader: done loading kernel modules from /etc/modules.d/*
[ 14.562325] usb 1-1.2: USB disconnect, device number 3
[ 18.891110] usb 1-1.2: new high-speed USB device number 4 using ehci-platform
[ 19.008058] option 1-1.2:1.0: GSM modem (1-port) converter detected
[ 19.014789] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB0
[ 19.022756] option 1-1.2:1.1: GSM modem (1-port) converter detected
[ 19.029402] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB1
[ 19.037347] option 1-1.2:1.2: GSM modem (1-port) converter detected
[ 19.044050] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB2
[ 19.052000] option 1-1.2:1.3: GSM modem (1-port) converter detected
[ 19.058630] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB3
[ 19.200753] qmi_wwan 1-1.2:1.4: cdc-wdm0: USB WDM device
[ 19.207185] qmi_wwan 1-1.2:1.4 wwan0: register 'qmi_wwan' at usb-ehci-platform-1.2, WWAN/QMI device, 52:a8:80:cb:ce:b1
[ 19.218447] usb-storage 1-1.2:1.5: USB Mass Storage device detected
[ 19.301173] scsi host1: usb-storage 1-1.2:1.5
[ 20.312068] scsi 1:0:0:0: CD-ROM L_T_E USB SCSI CD-ROM USB PQ: 0 ANSI: 0
[ 20.353519] scsi 1:0:0:1: Direct-Access ZTE MMC Storage 2.31 PQ: 0 ANSI: 0
[ 20.364416] sd 1:0:0:1: [sda] 7959552 512-byte logical blocks: (4.08 GB/3.79 GiB)
[ 20.405263] sd 1:0:0:1: [sda] Write Protect is off
[ 20.410167] sd 1:0:0:1: [sda] Mode Sense: 0f 0e 00 00
[ 20.441195] sd 1:0:0:1: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[ 20.486750] sda: sda1 sda2
[ 20.534374] sd 1:0:0:1: [sda] Attached SCSI removable disk
[ 24.911745] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[ 24.922857] device eth0.1 entered promiscuous mode
[ 24.927727] device eth0 entered promiscuous mode
[ 24.934193] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
[ 24.962443] IPv6: ADDRCONF(NETDEV_UP): eth0.2: link is not ready
[ 26.243598] eth0: link up (1000Mbps/Full duplex)
[ 26.248367] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
[ 26.321257] br-lan: port 1(eth0.1) entered forwarding state
[ 26.326967] br-lan: port 1(eth0.1) entered forwarding state
[ 26.332752] IPv6: ADDRCONF(NETDEV_CHANGE): eth0.2: link becomes ready
[ 26.416353] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
[ 26.452747] ath: EEPROM regdomain: 0x8268
[ 26.452767] ath: EEPROM indicates we should expect a country code
[ 26.452782] ath: doing EEPROM country->regdmn map search
[ 26.452795] ath: country maps to regdmn code: 0x37
[ 26.452807] ath: Country alpha2 being used: PL
[ 26.452818] ath: Regpair used: 0x37
[ 26.452831] ath: regdomain 0x8268 dynamically updated by user
[ 26.452916] ath: EEPROM regdomain: 0x8268
[ 26.452926] ath: EEPROM indicates we should expect a country code
[ 26.452939] ath: doing EEPROM country->regdmn map search
[ 26.452952] ath: country maps to regdmn code: 0x37
[ 26.452963] ath: Country alpha2 being used: PL
[ 26.452973] ath: Regpair used: 0x37
[ 26.452984] ath: regdomain 0x8268 dynamically updated by user
[ 28.321146] br-lan: port 1(eth0.1) entered forwarding state
[ 29.659784] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[ 29.739484] device wlan0 entered promiscuous mode
[ 29.821276] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 29.827903] br-lan: port 2(wlan0) entered forwarding state
[ 29.833569] br-lan: port 2(wlan0) entered forwarding state
[ 31.324208] random: nonblocking pool is initialized
[ 31.767355] 3g-wan: renamed from ppp0
[ 31.856395] br-lan: port 2(wlan0) entered forwarding state
[ 34.012635] nf_conntrack: automatic helper assignment is deprecated and it will be removed soon. Use the iptables CT target to attach helpers instead.Prośba o podpowiedź co może być nie tak.
93 2018-02-27 11:24:20
Odp: TP-Link Archer C7 Niska prędkość WAN na Gargoyle (2 odpowiedzi, napisanych Oprogramowanie / Software)
Pewnie na LEDE byłoby szybciej. To gargoyle, które masz to jest najnowsza wersja?
Ja miałem ten sam problem - https://eko.one.pl/forum/viewtopic.php?id=16250
Rozwiązaniem była wymiana routera na Xiaomi Router 3G i teraz mam 220Mb/s.
94 2018-02-17 14:20:47
Odp: OpenVPN LEDE LUCI - Konfiguracja serwera (27 odpowiedzi, napisanych Oprogramowanie / Software)
To ja wiem. Bardziej zastanawia mnie kwestia dlaczego u Ciebie ruch jest dozwolony na wszystkie możliwe sposoby. Jak to wygląda pod kątem bezpieczeństwa?
95 2018-02-17 12:16:55
Odp: OpenVPN LEDE LUCI - Konfiguracja serwera (27 odpowiedzi, napisanych Oprogramowanie / Software)
Dzięki za linka właśnie sobie czytam drugi poradnik i trochę zastanawia mnie różnica w konfiguracji głównej strefy na firewallu.
W Twoim poradniku jest:
config zone
option name 'vpn'
option input 'ACCEPT'
option forward 'ACCEPT'
option output 'ACCEPT'
option network 'vpn'A na tej stronie rpc.onet.pl
config zone
option name 'openvpn_tun0'
option network 'openvpn_tun0'
option input REJECT
option output ACCEPT
option forward REJECT
option family 'ipv4'
option mtu_fix 1Oczywiście chodzi mi o reguły input i forward. U Ciebie jest ACCEPT a w tym podesłanym przez Ciebie linku REJECT. Możesz powiedzieć z czego to wynika?
96 2018-02-17 10:37:01
Odp: OpenVPN LEDE LUCI - Konfiguracja serwera (27 odpowiedzi, napisanych Oprogramowanie / Software)
Cezary przeczytałem już poradnik i nie znalazłem rozwiązania swojego problemu. OK, jest opisane jak zapewnić "pełną" komunikacją między dwoma klientami ale jak ja chcę tylko klient-serwer?
97 2018-02-17 09:22:23
Odp: OpenVPN LEDE LUCI - Konfiguracja serwera (27 odpowiedzi, napisanych Oprogramowanie / Software)
Klientowi został przydzielony adres 10.8.0.6 i z poziomu routera, który jest serwerem mogę pingować ten adres. Ale już z komputera, który jest w podsieci serwera ping na adres 10.8.0.6 pozostaje bez odpowiedzi.
98 2018-02-17 08:48:32
Odp: Nie działa Wake on Lan LEDE LUCI (13 odpowiedzi, napisanych Oprogramowanie / Software)
Cześć, dzięki za odpowiedź. Tak BIOS jest ok, jak pisałem na innym routerze wybudzanie tego samego kompa działa bez problemu.
Wynik polecania ip neigh. Komputer który chce wybudzić ma przypisany adres 192.168.5.99.
192.168.5.99 dev br-lan lladdr 6c:f0:49:09:2a:71 ref 1 used 2/0/2 probes 1 REACHABLE
192.168.0.1 dev eth0.2 lladdr ac:22:05:85:8d:0f ref 1 used 9/9/9 probes 1 REACHABLE
192.168.5.216 dev br-lan lladdr 00:9e:c8:b7:39:86 ref 1 used 16/15/15 probes 1 REACHABLE
192.168.5.97 dev br-lan lladdr 00:11:32:64:0f:d7 used 89/84/58 probes 1 STALE
192.168.5.227 dev br-lan lladdr 94:fe:22:07:df:3d used 39/34/5 probes 1 STALE
192.168.5.247 dev br-lan lladdr e4:9a:79:04:08:68 used 40/37/15 probes 1 STALE
192.168.5.96 dev br-lan lladdr e4:9a:79:04:08:68 used 483/544/481 probes 6 FAILED
192.168.5.217 dev br-lan lladdr e4:9a:79:04:08:68 used 3069/3669/3066 probes 6 FAILED
fe80::96fe:22ff:fe07:df3d dev br-lan lladdr 94:fe:22:07:df:3d used 81/81/65 probes 1 STALE
fe80::29e:c8ff:feb7:3986 dev br-lan lladdr 00:9e:c8:b7:39:86 used 201/201/186 probes 1 STALE
fe80::9016:4982:e3f1:fdc7 dev br-lan lladdr 28:16:ad:96:fb:1d used 3665/3665/3630 probes 1 STALE
fdef:c78e:e737::9044:96fd:ffde:d3a2 dev br-lan lladdr 00:9e:c8:b7:39:86 used 206/206/191 probes 1 STALE
fe80::ce6:be1f:f731:ff7e dev br-lan lladdr e4:9a:79:04:08:68 used 37/37/22 probes 1 STALE
fe80::7a11:dcff:fe42:b5f7 dev eth0.2 lladdr 78:11:dc:42:b5:f7 used 3918/3974/3910 probes 0 STALE
fdef:c78e:e737::10d2:f192:3ca1:8f5b dev br-lan lladdr 94:fe:22:07:df:3d used 86/86/71 probes 1 STALE
fe80::e0f3:b202:af42:dc47 dev br-lan lladdr 6c:f0:49:09:2a:71 used 70/70/54 probes 1 STALE
fe80::211:32ff:fe64:fd7 dev br-lan lladdr 00:11:32:64:0f:d7 used 2768/2768/2722 probes 1 STALE
fe80::1825:c65c:690c:24c dev eth0.2 lladdr 78:67:d7:4e:ce:f9 used 3900/3960/13 probes 0 STALE
fe80::1825:c65c:690c:24c dev eth0 lladdr 78:67:d7:4e:ce:f9 used 3923/3983/3923 probes 0 STALE
fe80::e0f3:b202:af42:dc47 dev eth0 lladdr 6c:f0:49:09:2a:71 used 3923/3983/3923 probes 0 STALE
fdef:c78e:e737::252c:986c:cc5b:22f4 dev br-lan lladdr 6c:f0:49:09:2a:71 used 53/53/38 probes 1 STALE
fdef:c78e:e737::9d0f:f3d5:c508:2c0e dev br-lan lladdr 28:16:ad:96:fb:1d used 3675/3675/3640 probes 1 STALEPolecenie etherwake -i br-lan 6C:F0:49:09:2A:71 spowodowało wybudzenie komputera
EDIT: Ok, już znalazłem przyczynę przez weba też działa jeśli wybiorę interfejs: br-lan, wcześniej wybierałem rozgłaszaj na wszystkie interfejsty i ta opcja nie działa na moim komp więc trzeba pamiętać aby wybrać tam br-lan.
99 2018-02-17 08:44:32
Odp: OpenVPN LEDE LUCI - Konfiguracja serwera (27 odpowiedzi, napisanych Oprogramowanie / Software)
Cześć, klienta z Windowsem skonfigurowałem i wszystko działa jak trzeba.
Zabrałem się dziś za skonfigurowanie 2 Klienta tym razem WDR3600 na pokładzie LUDE+LUCI.
VPN nawiązuje połączenie, ale jest jeden problem.
Podsieć klienta:192.168.1.0/24
Podsieć serwera: 192.168.5.0/24
I tak, z podsieci klienta mam dostęp do urządzeń w podsieci serwera, czyli np. mogę pingować 192.168.5.1 ale w drugą stronę już nie. To znaczy z podsieci serwera nie mogę wejść nawet na router WDR3600 (192.168.1.1). Mimo tego, że VPN jest nawiązany nie mam komunikacji z podsieci serwera do podsieci klienta.
Na firewallu nic nie zmieniałem, bo według poradnika połączenie jest "dwustronne".
Cytat:
"To jest właściwość samego tunelu - można zrobić z klienta połączenie do serwera i przy pomocy telnetu/ssh dostać się do serwera czy jego zasobów lokalnych; można także z serwera zrobić telnet/ssh i dostać się do zasobów klienta. Połączenie jest "dwustronne" i o ile ruch nie został ograniczony specjalnie np. firewallem to obie strony powinny mieć dostęp do siebie."
Być może coś źle zrozumiałem, możecie pomóc ?
100 2018-02-16 21:26:10
Temat: Nie działa Wake on Lan LEDE LUCI (13 odpowiedzi, napisanych Oprogramowanie / Software)
Cześć,
Macie pomysł dlaczego nie działa mi Wake on Lan.
Próbuje wybudzić komputer stacjonarny przez GUI w Luci. Komp na pewno obsługuję Wol, bo na innym routerze działało bez problemu.
Mam taki komunikat:
/usr/bin/etherwake -D -b "6C:F0:49:09:2A:71"
The target station address is 6C:F0:49:09:2A:71.
Packet is ff ff ff ff ff ff 6c f0 49 09 2a 71 08 42 ff ff ff ff ff ff 6c f0 49 09 2a 71 6c f0 49 09...
Sendto worked ! 116.Mój router to Xiaomi Mi Router 3G i najnowsze LEDE LUCI ściągnięte z tej strony.
Znalezione posty: 76 do 100 z 173
eko.one.pl → Posty przez artur5236
Forum oparte o PunBB, wspierane przez Informer Technologies, Inc