I slusznie. Wszystko zadzialalo.
Urządzenia mialy błędny default gateway. Tcpdump pomogł.
DZiękuję za pomoc.
Pozdrawiam,
Marcin
Nie jesteś zalogowany. Proszę się zalogować lub zarejestrować.
eko.one.pl → Posty przez marcin_wawa
I slusznie. Wszystko zadzialalo.
Urządzenia mialy błędny default gateway. Tcpdump pomogł.
DZiękuję za pomoc.
Pozdrawiam,
Marcin
Znalazlem taką informację w dokumentacji firewall dotyczącą forwarding:
https://openwrt.org/docs/guide-user/fir … figuration
"At least one of the src or dest zones needs to have connection tracking enabled through the masq option."
Dodałem zatem taką opcję do definicji zony wifi
config zone
option name 'wifi'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'wifi'
option masq '1'Niestety bez zmian po reboot.
Jeśli chodzi o traceroute to po podłączeniu do sieci wifi (192.168.17.0/24) i próbie kontaktu z urządzeniem z lan (192.168.16.0/24) wygląda tak:
$ traceroute 192.168.16.101
traceroute to 192.168.16.101 (192.168.16.101), 30 hops max, 60 byte packets
1 OpenWRT.lan (192.168.17.1) 2.982 ms 2.948 ms 3.594 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *Zastanawia mnie dlaczego przy OpenWRT.lan pokazuje się 192.168.17.1 czy jest to dopisek lan uzupełniony z definicji dnsmasq option domain czy jest jakis problem w konfiguracji?
Dla uzupełnienia obrazu
/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd60:0edd:8cea::/48'
config interface 'wan'
option ifname 'eth1'
option proto 'dhcp'
config interface 'wan6'
option ifname 'eth1'
option proto 'dhcpv6'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.16.1'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 0t'
config interface 'vpn'
option ifname 'tun0'
option proto 'none'
config interface 'wifi'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.17.1'
option netmask '255.255.255.0'/etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
option ra_management '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'wifi'
option start '100'
option limit '150'
option leasetime '12h'
option interface 'wifi'/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path 'platform/ahb/18100000.wmac'
option htmode 'HT20'
config wifi-iface 'wifi'
option device 'radio0'
option network 'wifi'
option mode 'ap'
option ssid 'abc'
option key 'xxxxxxxxxxx'
option encryption 'psk2'Tam nie ma żadnych więcej urządzeń poza kamerami w lan. Zaraz wepnę się do lan i sprawdzę czy lokalnie się do nich dostaję czy nie ma problemu w innym miejscu.
Zrobione. Sytuacja bez zmian.
config zone
option name 'lan'
list network 'lan'
option forward 'REJECT'
option input 'ACCEPT'
option output 'ACCEPT'
config zone
option name 'wifi'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'wifi'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'wan wan6'
config zone
option name 'vpn'
option input 'ACCEPT'
option forward 'ACCEPT'
option output 'ACCEPT'
option network 'vpn'
option masq '1'
config forwarding
option src 'wifi'
option dest 'wan'
config forwarding
option src 'vpn'
option dest 'wan'
config forwarding
option src 'vpn'
option dest 'lan'
config forwarding
option src 'wifi'
option dest 'lan'
config rule
option name 'OpenVPN'
option target 'ACCEPT'
option src 'wan'
option proto 'udp'
option dest_port '1194'Dzień dobry,
Niestety po podłączeniu do wifi (będac w sieci wifi 192.168.17.0/24) nie jestem w stanie dostać się do urządzeń w lan (siec 192.168.16.0/24) mimo ustawionego forwarding wifi->lan (trzy posty wyżej).
Co może być przyczyna? Czego brakuje? Czy powoduje to sposób konfiguracji zony lan?
config zone
option name 'lan'
option input 'ACCEPT'
option output 'REJECT'
option forward 'REJECT'
option network 'lan'Dziękuję i pozdrawiam,
Marcin
Hmmm... forwarding wifi->lan juz jest.
Jeśli to wystarczy to muszę jutro potestować dlaczego nie zadziałało.
Dziękuję.
Marcin
Jeszcze jedno drobne pytanie.
Jak ustawic routing by po podłączeniu się do wifi można było dostać się do hostów z lan?
Dziękuję i pozdrawiam,
Marcin
Czyli bez forwarding lan->vpn , lan->wifi, lan->wan cel będzie osiągnięty.
DZiękuję za pomoc.
Pozdrawiam,
Marcin
Dziękuję,
Tak ten forwarding lan->wan to przeoczenie. Oczywiście do usunięcia. Dziękuję.
Mam pytanie natomiast co do REJECT dla wifi. Intencją jest by z lan nie mozna było zainicjować zadnego połączenia na zewnątrz. Czy jeśli zatem zrobił bym dla lan input ACCEPT ale output REJECT i pozostawił resztę jak jest będę mógł zainicjować połączenie z vpn lub wifi do systemu w lan?
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'REJECT'
option forward 'REJECT'
option network 'lan'
config zone
option name 'wifi'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'wifi'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'wan wan6'
config zone
option name 'vpn'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'vpn'
option masq '1'
config forwarding
option src 'wifi'
option dest 'wan'
config forwarding
option src 'vpn'
option dest 'wan'
config forwarding
option src 'vpn'
option dest 'lan'
config forwarding
option src 'wifi'
option dest 'lan'
config rule
option name 'OpenVPN'
option src 'wan'
option proto 'udp'
option dest_port '1194'
option target 'ACCEPT'Dziękuję i pozdrawiam,
Marcin
Dobry wieczór,
Na routerze mam cztery interfejsy
- lan (porty ethernet routera)
- wifi (WiFi routera)
- wan (wyjście do internetu).
- vpn (interfejs openVPN)
Łączę się routerem albo przez wifi albo przez vpn.
Do portów ethernet (lan) mam podłączone urządzenia, które muszą mieć zablokowany dostęp do internetu (kamery ip).
Chcę zatem zablokować ruch jakikolwiek ruch inicjowany z lan, przy równoczesnym pozostawieniu możliwości połączenia się aplikacją z komputera w momencie kiedy jestem podłączony przez wifi lub vpn.
Dodatkowo będąc podłączony do wifi powinienem mieć normalny dostęp do internetu.
Dodatkowo: w openvpn jest justawiony routing do lan oraz w lan wszystkie adresy są statyczne.
Czy taki /etc/config/firewall zapewni powyższe?
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option network 'lan'
config zone
option name 'wifi'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'wifi'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'wan wan6'
config zone
option name 'vpn'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'vpn'
option masq '1'
config forwarding
option src 'lan'
option dest 'wan'
config forwarding
option src 'wifi'
option dest 'wan'
config forwarding
option src 'vpn'
option dest 'wan'
config forwarding
option src 'vpn'
option dest 'lan'
config forwarding
option src 'wifi'
option dest 'lan'
config rule
option name 'Open-VPN'
option src 'wan'
option proto 'udp'
option dest_port '1194'
option target 'ACCEPT'Oczywiscie dodatkowo zawiera standardowe reguły po instalacji OpenWrt
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'Czy wyjście z lan będzie wystarczająco zabezpieczone? Czy na coś jeszcze powinienem zwrócić uwagę?
Dziękuję i pozdrawiam,
Marcin
Dziękuję.
Tak. DHCP i podstawy firewall. Potem ustawię reszte.
Pozdrawiam,
Marcin
Dziękuję za szybką odpowiedz.
Czyli tak:
Tworzę nowy interface 'wifi'
# uci set network.wifi=interface
# uci set network.wifi.type=bridge
# uci set network.wifi.proto=static
# uci set network.wifi.ipaddr=192.168.17.1
# uci set network.wifi.netmask=255.255.255.0
# uci set dhcp.wifi=dhcp
# uci set dhcp.wifi.start=100
# uci set dhcp.wifi.limit=150
# uci set dhcp.wifi.leasetime=12h
# uci set dhcp.wifi.interface=wifi
# uci add firewall zone
# uci set firewall.@zone[-1].name=wifi
# uci add_list firewall.@zone[-1].network=wifi
# uci set firewall.@zone[-1].input=ACCEPT
# uci set firewall.@zone[-1].output=ACCEPT
# uci set firewall.@zone[-1].forward=ACCEPT
# uci add firewall forwarding
# uci set firewall.@forwarding[-1].src=wifi
# uci set firewall.@forwarding[-1].dest=wan
# uci commitNastępnie w /etc/config/wireless podmieniam:
config wifi-iface 'lan'
option device 'radio1'
option mode 'ap'
option network 'lan'
option disassoc_low_ack '0'
option encryption 'psk2'
option key 'xxxxxxxx'
option ssid 'WIFI'na
config wifi-iface 'wifi'
option device 'radio1'
option mode 'ap'
option network 'wifi'
option disassoc_low_ack '0'
option encryption 'psk2'
option key 'xxxxxxxx'
option ssid 'WIFI'
następnie reboot.
Siec 'lan' zostanie tylko na portach eth. Konfigurację firewalla i innych rzeczy będę musiał odtworzyć dla wifi. Zmieniam również config wifi-iface 'wifi' w /etc/config/wireless?
Dziękuję,
Marcin
Drodzy forumowicze,
Chciałbym stworzyć osobny interface ograniczony wyłącznie do portów ethernet, które teraz są elementem interfejsu 'lan' razem z siecią wifi 2,4G i pozostawić obecny interface lan obsługujący wyłącznie połączenia po Wifi 2,4G.
Moja obecna konfiguracja (fragmenty plików)
/etc/config/network
config interface 'lan'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ifname 'eth0.1'
config interface 'lan_5G'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.5.1'
option netmask '255.255.255.0'
option ifname 'lan_5G'/etc/config/wireless
config wifi-iface 'lan_5G'
option device 'radio0'
option mode 'ap'
option network 'lan_5G'
option ssid 'WIFI-5G'
option isolate '1'
option encryption 'psk2'
option key 'xxxxxxxx'
config wifi-iface 'lan'
option device 'radio1'
option mode 'ap'
option network 'lan'
option disassoc_low_ack '0'
option encryption 'psk2'
option key 'xxxxxxxx'
option ssid 'WIFI'Czy stworzenie dwóch sekcji w /etc/config/network jak poniżej (zamiast obecnej 'lan') i reboot będą skutkowały taką zmianą i po reboocie będę miał dwa różne interfejsy i w szczególności wifi działające tak jak było wcześniej, ze wszystkimi regułami na firewall itp?
config interface 'eth'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
option ifname 'eth0.1'
config interface 'lan'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ifname 'lan'Wifi dziala 'produkcyjnie' dlatego nie chciałbym eksperymentować zablokowania dostępu do Wifi lub zmian w sposobie funkcjonowania.
Będę wdzięczny za ocenę szans powodzenia takiej zmiany.
Czy oprócz zmiany w pliku coś jeszcze powinienem zmienić (chodzi mi o sam interface - resztę (firewall, DHCP itp) dla eth ustawię sobie potem)?
Dziękuję i pozdrawiam,
Marcin
Dziekuję za dotychczasowe podpowiedzi. Nie daje mi jednak spokoju dlaczego nie działają reguły firewalla
1. Dlaczego zapytania do DNS z sieci 192.168.7.1/24 również trafiają do lokalnego DNS skoro dodana reguła ogranicza to wyłącznie do sieci 192.168.6.1/24?
root@MR3420:~# cat /etc/firewall.user
iptables -t nat -I PREROUTING -s 192.168.6.0/24 -p udp --dport 53 -j DNAT --to 192.168.6.1
iptables -t nat -I PREROUTING -s 192.168.6.0/24 -p tcp --dport 53 -j DNAT --to 192.168.6.1
root@MR3420:~# Klienci sieci 192.168.7.1 (lan) mają dodaną opcję DNS do DHCP
root@MR3420:~# uci show dhcp.lan
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.lan.netmask='255.255.255.0'
dhcp.lan.ra_management='1'
dhcp.lan.dhcp_option='6,8.8.8.8,8.8.4.4'
root@MR3420:~# Nie daje mi to spokoju. Dlaczego to nie dziala...
2. Alternatywnie, może dodać regułę IP tables dla sieci 192.168.7.1 (lan) aby forwardować zapytania DNS, by omijały lokalny DNS.
Jak to zrobić? Tak będzie ok?
iptables -t nat -I PREROUTING -s 192.168.7.0/24 -p udp --dport 53 -j DNAT --to 8.8.8.8
iptables -t nat -I PREROUTING -s 192.168.7.0/24 -p tcp --dport 53 -j DNAT --to 8.8.8.8Czy mozliwe jest zrobienie tego o co mi chodzi z jedną instancją dnsmasq?
Dziękuje i pozdrawiam,
Marcin
Dziękuję.
Stawianie dwóch instancji dnsmasq to oczywiście jest rozwiązanie.
Ale czy naprawdę nie ma możiwości by firewallem (i tylko firewallem) zawrócić zapytania do DNS do Routera wyłącznie z jednej sieci/interfejsu?
To byłoby dużo łatwiejsze. Jak sprawdzić dlaczego to nie działa?
Pozdrawiam,
Marcin
Nie rozumiem dlaczego skoro dla lan podalem zewnętrzny DNS 8.8.8.8 a firewall przekierowuje do dns routera zapytania wyłącznie z sieci kid odpowiedzi są podmieniane... Co tu zrobiłem źle?
I jak przywiązać instancję dnsmasq do konkretnego interface?
Dziękuję i pozdrawiam,
Marcin
Skonfigurowalem uhttpd.
root@MR3420:~# uci show uhttpd
uhttpd.main=uhttpd
uhttpd.main.listen_http='0.0.0.0:1080' '[::]:1080'
uhttpd.main.listen_https='0.0.0.0:1443' '[::]:1443'
uhttpd.main.home='/www'
uhttpd.main.redirect_https='1'
uhttpd.main.rfc1918_filter='1'
uhttpd.main.max_requests='3'
uhttpd.main.max_connections='100'
uhttpd.main.cert='/etc/uhttpd.crt'
uhttpd.main.key='/etc/uhttpd.key'
uhttpd.main.cgi_prefix='/cgi-bin'
uhttpd.main.script_timeout='60'
uhttpd.main.network_timeout='30'
uhttpd.main.http_keepalive='20'
uhttpd.main.tcp_keepalive='1'
uhttpd.defaults=cert
uhttpd.defaults.days='730'
uhttpd.defaults.bits='2048'
uhttpd.defaults.country='ZZ'
uhttpd.defaults.state='Somewhere'
uhttpd.defaults.location='Unknown'
uhttpd.defaults.commonname='LEDE'
uhttpd.kid_net=uhttpd
uhttpd.kid_net.home='/www/kid-net'
uhttpd.kid_net.error_page='/www/kid-net/index.html'
uhttpd.kid_net.listen_http='0.0.0.0:80'
uhttpd.kid_net.listen_https='0.0.0.0:443'
root@MR3420:~# Siec kid działa tak jak powinna, ale niestety widzę, że siec lan niestety zachowuje się tak samo. Tak jakby zapytania do dns z tej sieci również trafiały w lokalne reguły...
A przecież /etc/firewall.user jest ograniczone do sieci kid
iptables -t nat -I PREROUTING -s 192.168.6.0/24 -p udp --dport 53 -j DNAT --to 192.168.6.1
iptables -t nat -I PREROUTING -s 192.168.6.0/24 -p tcp --dport 53 -j DNAT --to 192.168.6.1konfiguracja sieci lan. Nie pomogło dodatkowe wskazanie serwerów DNS przez dhcp..
root@MR3420:~# uci show dhcp.lan
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.lan.netmask='255.255.255.0'
dhcp.lan.ra_management='1'
dhcp.lan.dhcp_option='6,8.8.8.8,8.8.4.4'
root@MR3420:~# root@MR3420:~# uci show network.lan
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth0'
network.lan.proto='static'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.lan.ipaddr='192.168.7.1'
root@MR3420:~# Konfiguracja firewalla
root@MR3420:~# uci show firewall
firewall.@defaults[0]=defaults
firewall.@defaults[0].syn_flood='1'
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='REJECT'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].network='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].network='wan' 'wan6'
firewall.@zone[1].input='REJECT'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].forward='REJECT'
firewall.@zone[1].masq='1'
firewall.@zone[1].mtu_fix='1'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
firewall.@rule[0]=rule
firewall.@rule[0].name='Allow-DHCP-Renew'
firewall.@rule[0].src='wan'
firewall.@rule[0].proto='udp'
firewall.@rule[0].dest_port='68'
firewall.@rule[0].target='ACCEPT'
firewall.@rule[0].family='ipv4'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-Ping'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='icmp'
firewall.@rule[1].icmp_type='echo-request'
firewall.@rule[1].family='ipv4'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-IGMP'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='igmp'
firewall.@rule[2].family='ipv4'
firewall.@rule[2].target='ACCEPT'
firewall.@rule[3]=rule
firewall.@rule[3].name='Allow-DHCPv6'
firewall.@rule[3].src='wan'
firewall.@rule[3].proto='udp'
firewall.@rule[3].src_ip='fc00::/6'
firewall.@rule[3].dest_ip='fc00::/6'
firewall.@rule[3].dest_port='546'
firewall.@rule[3].family='ipv6'
firewall.@rule[3].target='ACCEPT'
firewall.@rule[4]=rule
firewall.@rule[4].name='Allow-MLD'
firewall.@rule[4].src='wan'
firewall.@rule[4].proto='icmp'
firewall.@rule[4].src_ip='fe80::/10'
firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0'
firewall.@rule[4].family='ipv6'
firewall.@rule[4].target='ACCEPT'
firewall.@rule[5]=rule
firewall.@rule[5].name='Allow-ICMPv6-Input'
firewall.@rule[5].src='wan'
firewall.@rule[5].proto='icmp'
firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-solicitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertisement'
firewall.@rule[5].limit='1000/sec'
firewall.@rule[5].family='ipv6'
firewall.@rule[5].target='ACCEPT'
firewall.@rule[6]=rule
firewall.@rule[6].name='Allow-ICMPv6-Forward'
firewall.@rule[6].src='wan'
firewall.@rule[6].dest='*'
firewall.@rule[6].proto='icmp'
firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type'
firewall.@rule[6].limit='1000/sec'
firewall.@rule[6].family='ipv6'
firewall.@rule[6].target='ACCEPT'
firewall.@rule[7]=rule
firewall.@rule[7].name='Allow-IPSec-ESP'
firewall.@rule[7].src='wan'
firewall.@rule[7].dest='lan'
firewall.@rule[7].proto='esp'
firewall.@rule[7].target='ACCEPT'
firewall.@rule[8]=rule
firewall.@rule[8].name='Allow-ISAKMP'
firewall.@rule[8].src='wan'
firewall.@rule[8].dest='lan'
firewall.@rule[8].dest_port='500'
firewall.@rule[8].proto='udp'
firewall.@rule[8].target='ACCEPT'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
firewall.@zone[2]=zone
firewall.@zone[2].name='kid'
firewall.@zone[2].network='kid'
firewall.@zone[2].input='REJECT'
firewall.@zone[2].forward='REJECT'
firewall.@zone[2].output='ACCEPT'
firewall.@forwarding[1]=forwarding
firewall.@forwarding[1].src='kid'
firewall.@forwarding[1].dest='wan'
firewall.@rule[9]=rule
firewall.@rule[9].src='kid'
firewall.@rule[9].proto='udp'
firewall.@rule[9].src_port='67-68'
firewall.@rule[9].dest_port='67-68'
firewall.@rule[9].target='ACCEPT'
firewall.@rule[9].family='ipv4'
firewall.@rule[10]=rule
firewall.@rule[10].src='kid'
firewall.@rule[10].dest_port='53'
firewall.@rule[10].target='ACCEPT'
firewall.@rule[10].family='ipv4'
firewall.@rule[10].proto='tcpudp'
firewall.@rule[11]=rule
firewall.@rule[11].enabled='1'
firewall.@rule[11].target='ACCEPT'
firewall.@rule[11].src='wan'
firewall.@rule[11].proto='tcp'
firewall.@rule[11].dest_port='22'
firewall.@rule[11].name='WAN-ALLOW-SSH'
firewall.@rule[11].family='ipv4'
firewall.@rule[11].dest_ip='192.168.1.112'
firewall.@rule[12]=rule
firewall.@rule[12].src='kid'
firewall.@rule[12].dest_port='80'
firewall.@rule[12].target='ACCEPT'
firewall.@rule[12].family='ipv4'
firewall.@rule[12].proto='tcpudp'
firewall.@rule[13]=rule
firewall.@rule[13].src='kid'
firewall.@rule[13].dest_port='443'
firewall.@rule[13].target='ACCEPT'
firewall.@rule[13].family='ipv4'
firewall.@rule[13].proto='tcpudp'
root@MR3420:~# Co może być przyczyną takiego zachowania w sieci lan?
Dziękuję za podpowiedz.
Samo przekierowanie na inny IP dziala i z tym nie ma problemu.
Szukam wlasnie sposobu by każde z tych przekierowań trafiało na stronę błędu niezależnie od tego jaki był oryginalny url.
Pomysł z ustawieniem strony błędu na Index.html podoba mi się. Dodatkowo mozna ustawić taką samą error_page, ale jak wtedy przekierować luci na inny port?
Pozdrawiam,
Marcin
Na routerze mam skonfigurowane dwie sieci lan i kid
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth0'
network.lan.proto='static'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.lan.ipaddr='192.168.7.1'
network.kid=interface
network.kid.type='bridge'
network.kid.proto='static'
network.kid.netmask='255.255.255.0'
network.kid.ipaddr='192.168.6.1'Zapytania do DNS z sieci kid są przekierowane do lokalnego DNS
iptables -t nat -I PREROUTING -s 192.168.6.0/24 -p udp --dport 53 -j DNAT --to 192.168.6.1
iptables -t nat -I PREROUTING -s 192.168.6.0/24 -p tcp --dport 53 -j DNAT --to 192.168.6.1serwer www ma dodatkową stronę, która wyswietla komunikat o braku mozliwości połączenia
192.168.6.1/cgi-bin/blocked Stronę którą chcę zablokować przekierowuję na lokalny adres routera:
luci add_list dhcp.@dnsmasq[0].address='/example.com/192.168.6.1' Wszystko dziala poprawnie. I teraz pytanie:
W jaki sposób mogę skierować wszystkie przekierowania do adresu routera z interfejsu kid do konkretnego url, tak by przekierowane strony wyświetlały komunikat ze strony:
192.168.6.1/cgi-bin/blocked Nie chcę przekierowywać wszystkich odwołań bo z interfejsu lan chcę się dostawać do luci lub innych stron na serwerze.
Czym najlepiej to zrobić i jak? Na poziomie serwera www? iptables? dnsmasq?
Dodatkowym utrudnieniem jest to, że na routerze mam ograniczoną możliwość doinstalowania czegokolwiek (brak miejsca).
Uprzejmie poproszę o podpowiedz.
dziękuję i pozdrawiam,
Marcin
To już poprawione. Zmieniony jest tylko na goscinnej.
Bardzo dziękuję za pomoc.
Pozdrawiam,
Marcin
Tak jak pisałem nie mam dużego doświadczenia w tych sprawach, więc wzoruję się na najbardziej doświadczonej osobie od routerów i sieci z której wiedzy mogę skorzystać:
https://eko.one.pl/?p=openwrt-guestnetw … aomjrouter
Jeszcze raz ślicznie dziękuję za pomoc.
Pozdrawiam,
Marcin
A czy we wszystkich trzech sieciach moze być ten sam MAC adres?
Dziękuję i pozdrawiam,
Marcin
Pomogło. Dziękuję!
Pozdrawiam,
Marcin
Drodzy forumowicze, konfiguruję TP-Linka AC1750 (Archer C7) tak by mieć 1 sieć w pasmie 5GHz i dwie sieci w paśmie 2.4GHz: Domową i gościnna.
Wszystko jest ok do momentu takiej konfiguracji jak poniżej. Wszystkie sieci są widoczne i można się do nich podłączyć.
root@AC1750:~# uci show wireless
wireless.radio0=wifi-device
wireless.radio0.type='mac80211'
wireless.radio0.channel='36'
wireless.radio0.hwmode='11a'
wireless.radio0.path='pci0000:00/0000:00:00.0'
wireless.radio0.htmode='VHT80'
wireless.radio0.disabled='0'
wireless.radio1=wifi-device
wireless.radio1.type='mac80211'
wireless.radio1.hwmode='11g'
wireless.radio1.path='platform/ahb/18100000.wmac'
wireless.radio1.country='PL'
wireless.radio1.htmode='HT20'
wireless.radio1.disabled='0'
wireless.radio1.channel='1'
wireless.lan_5G=wifi-iface
wireless.lan_5G.device='radio0'
wireless.lan_5G.mode='ap'
wireless.lan_5G.network='lan_5G'
wireless.lan_5G.ssid='DOMEK-5G'
wireless.lan_5G.macaddr='00:11:22:33:44:55'
wireless.lan_5G.isolate='1'
wireless.lan_5G.encryption='psk2'
wireless.lan_5G.key='12345678'
wireless.lan=wifi-iface
wireless.lan.device='radio1'
wireless.lan.mode='ap'
wireless.lan.network='lan'
wireless.lan.disassoc_low_ack='0'
wireless.lan.encryption='psk2'
wireless.lan.ssid='DOMEK-test'
wireless.lan.key='87654321'
wireless.lan.macaddr='11:22:33:44:55:66'
wireless.guest=wifi-iface
wireless.guest.device='radio1'
wireless.guest.mode='ap'
wireless.guest.network='guest'
wireless.guest.ssid='GUEST-NET'
wireless.guest.encryption=none
root@AC1750:~# Po dodaniu zabezpieczeń, izolacji i mac w sieci GUEST-NET obydwie sieci DOMEK-test i GUEST-NET znikają...
Nie widać ich... Nie mozna się do nich podłączyć.
Po zmianie konfiguracja wygląda tak:
root@AC1750:~# uci show wireless
wireless.radio0=wifi-device
wireless.radio0.type='mac80211'
wireless.radio0.channel='36'
wireless.radio0.hwmode='11a'
wireless.radio0.path='pci0000:00/0000:00:00.0'
wireless.radio0.htmode='VHT80'
wireless.radio0.disabled='0'
wireless.radio1=wifi-device
wireless.radio1.type='mac80211'
wireless.radio1.hwmode='11g'
wireless.radio1.path='platform/ahb/18100000.wmac'
wireless.radio1.country='PL'
wireless.radio1.htmode='HT20'
wireless.radio1.disabled='0'
wireless.radio1.channel='1'
wireless.lan_5G=wifi-iface
wireless.lan_5G.device='radio0'
wireless.lan_5G.mode='ap'
wireless.lan_5G.network='lan_5G'
wireless.lan_5G.ssid='DOMEK-5G'
wireless.lan_5G.macaddr='00:11:22:33:44:55'
wireless.lan_5G.isolate='1'
wireless.lan_5G.encryption='psk2'
wireless.lan_5G.key='12345678'
wireless.lan=wifi-iface
wireless.lan.device='radio1'
wireless.lan.mode='ap'
wireless.lan.network='lan'
wireless.lan.disassoc_low_ack='0'
wireless.lan.encryption='psk2'
wireless.lan.ssid='DOMEK-test'
wireless.lan.key='87654321'
wireless.lan.macaddr='11:22:33:44:55:66'
wireless.guest=wifi-iface
wireless.guest.device='radio1'
wireless.guest.mode='ap'
wireless.guest.network='guest'
wireless.guest.ssid='GUEST-NET'
wireless.guest.isolate='1'
wireless.guest.encryption='psk2'
wireless.guest.key='12345678'
wireless.guest.macaddr='33:44:55:66:77:88'
root@AC1750:~# Bedę wdzieczny za podpowiedź czym moze to być spowodowane.
Nie mam dużego doświadczenia w OpenWRT więc gdyby były potrzebne dodatkowe szczegóły konfiguracji - proszę o sgnał
Poniżej załączam logi:
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.000000] Linux version 4.14.171 (builder@buildhost) (gcc version 7.5.0 (OpenWrt GCC 7.5.0 r10947-65030d81f3)) #0 Thu Feb 27 21:05:12 2020
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] bootconsole [early0] enabled
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] CPU0 revision is: 00019750 (MIPS 74Kc)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] MIPS: machine is TP-Link Archer C7 v5
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] SoC: Qualcomm Atheros QCA956X ver 1 rev 0
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Determined physical RAM map:
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] memory: 08000000 @ 00000000 (usable)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Initrd not found or empty - disabling initrd
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 0.000000] Primary instruction cache 64kB, VIPT, 4-way, linesize 32 bytes.
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 0.000000] Primary data cache 32kB, 4-way, VIPT, cache aliases, linesize 32 bytes
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Zone ranges:
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Normal [mem 0x0000000000000000-0x0000000007ffffff]
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Movable zone start for each node
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Early memory node ranges
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] node 0: [mem 0x0000000000000000-0x0000000007ffffff]
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x0000000007ffffff]
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.000000] On node 0 totalpages: 32768
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.000000] free_area_init_node: node 0, pgdat 804fbf60, node_mem_map 810090a0
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.000000] Normal zone: 256 pages used for memmap
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.000000] Normal zone: 0 pages reserved
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.000000] Normal zone: 32768 pages, LIFO batch:7
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.000000] random: get_random_bytes called from 0x804ff740 with crng_init=0
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.000000] pcpu-alloc: [0] 0
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Built 1 zonelists, mobility grouping on. Total pages: 32512
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.000000] Kernel command line: console=ttyS0,115200n8 rootfstype=squashfs,jffs2
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] PID hash table entries: 512 (order: -1, 2048 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Dentry cache hash table entries: 16384 (order: 4, 65536 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Inode-cache hash table entries: 8192 (order: 3, 32768 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Writing ErrCtl register=00000000
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Readback ErrCtl register=00000000
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] Memory: 123296K/131072K available (4028K kernel code, 163K rwdata, 532K rodata, 1220K init, 212K bss, 7776K reserved, 0K cma-reserved)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] SLUB: HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] NR_IRQS: 51
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] CPU clock: 775.000 MHz
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000000] clocksource: MIPS: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 4932285024 ns
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.000007] sched_clock: 32 bits at 387MHz, resolution 2ns, wraps every 5541893118ns
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.008219] Calibrating delay loop... 385.84 BogoMIPS (lpj=1929216)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.074771] pid_max: default: 32768 minimum: 301
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.079782] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.086768] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.097913] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.108309] futex hash table entries: 256 (order: -1, 3072 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.114810] pinctrl core: initialized pinctrl subsystem
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.122374] NET: Registered protocol family 16
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.129773] PCI host bridge /ahb/pcie-controller@18250000 ranges:
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.136246] MEM 0x0000000012000000..0x0000000013ffffff
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.141742] IO 0x0000000000000000..0x0000000000000000
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.162214] PCI host bridge to bus 0000:00
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.166537] pci_bus 0000:00: root bus resource [mem 0x12000000-0x13ffffff]
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.173819] pci_bus 0000:00: root bus resource [io 0x0000]
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.179683] pci_bus 0000:00: root bus resource [??? 0x00000000 flags 0x0]
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.186844] pci_bus 0000:00: No busn resource found for root bus, will use [bus 00-ff]
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.195220] pci 0000:00:00.0: [168c:003c] type 00 class 0x028000
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.195272] pci 0000:00:00.0: reg 0x10: [mem 0x00000000-0x001fffff 64bit]
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.195324] pci 0000:00:00.0: reg 0x30: [mem 0x00000000-0x0000ffff pref]
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.195396] pci 0000:00:00.0: supports D1 D2
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.195573] pci_bus 0000:00: busn_res: [bus 00-ff] end is updated to 00
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.195595] pci 0000:00:00.0: BAR 0: assigned [mem 0x12000000-0x121fffff 64bit]
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.203347] pci 0000:00:00.0: BAR 6: assigned [mem 0x12200000-0x1220ffff pref]
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.213555] clocksource: Switched to clocksource MIPS
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.219767] NET: Registered protocol family 2
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.225132] TCP established hash table entries: 1024 (order: 0, 4096 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.232480] TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.239228] TCP: Hash tables configured (established 1024 bind 1024)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.246062] UDP hash table entries: 256 (order: 0, 4096 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.252232] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.259085] NET: Registered protocol family 1
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 0.263741] PCI: CLS 0 bytes, default 32
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 0.266303] Crashlog allocated RAM at address 0x3f00000
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.272951] workingset: timestamp_bits=30 max_order=15 bucket_order=0
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.284012] squashfs: version 4.0 (2009/01/31) Phillip Lougher
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.290153] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.308894] io scheduler noop registered
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.313025] io scheduler deadline registered (default)
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 0.318783] ar7200-usb-phy usb-phy: phy reset is missing
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.325889] pinctrl-single 1804002c.pinmux: 544 pins at pa b804002c size 68
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.333708] gpio-export gpio-export: 1 gpio(s) exported
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.339926] Serial: 8250/16550 driver, 16 ports, IRQ sharing enabled
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.348674] console [ttyS0] disabled
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.352470] 18020000.uart: ttyS0 at MMIO 0x18020000 (irq = 9, base_baud = 1562500) is a 16550A
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.361602] console [ttyS0] enabled
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.369169] bootconsole [early0] disabled
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.394804] m25p80 spi0.0: w25q128 (16384 Kbytes)
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.399717] 8 fixed-partitions partitions found on MTD device spi0.0
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.406300] Creating 8 MTD partitions on "spi0.0":
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.411257] 0x000000000000-0x000000020000 : "factory-uboot"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.417707] 0x000000020000-0x000000040000 : "u-boot"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.423443] 0x000000040000-0x000000050000 : "partition-table"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.430068] 0x000000050000-0x000000060000 : "art"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.435618] 0x000000060000-0x000000080000 : "info"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.441199] 0x000000080000-0x0000000c0000 : "user-config"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.447469] 0x0000000c0000-0x000000fc0000 : "firmware"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.457246] 2 uimage-fw partitions found on MTD device firmware
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.463365] Creating 2 MTD partitions on "firmware":
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.468539] 0x000000000000-0x000000190000 : "kernel"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.474319] 0x000000190000-0x000000f00000 : "rootfs"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.480012] mtd: device 8 (rootfs) set to be root filesystem
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.485936] 1 squashfs-split partitions found on MTD device rootfs
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.492327] 0x000000450000-0x000000f00000 : "rootfs_data"
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 0.498536] 0x000000ff0000-0x000001000000 : "default-config"
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 0.506008] libphy: Fixed MDIO Bus: probed
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.183908] libphy: ag71xx_mdio: probed
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.190863] switch0: Atheros AR8337 rev. 2 switch registered on mdio-bus.0
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.845033] ag71xx 19000000.eth: connected to PHY at mdio-bus.0:00 [uid=004dd036, driver=Atheros AR8216/AR8236/AR8316]
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.856624] eth0: Atheros AG71xx at 0xb9000000, irq 4, mode: sgmii
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.865641] NET: Registered protocol family 10
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.875607] Segment Routing with IPv6
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.879478] NET: Registered protocol family 17
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.884156] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.897554] 8021q: 802.1Q VLAN Support v1.8
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.903921] hctosys: unable to open rtc device (rtc0)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.915223] VFS: Mounted root (squashfs filesystem) readonly on device 31:8.
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 1.929152] Freeing unused kernel memory: 1220K
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 1.933862] This architecture does not have kernel memory protection.
Wed Mar 18 04:53:25 2020 user.info kernel: [ 2.548056] init: Console is alive
Wed Mar 18 04:53:25 2020 user.info kernel: [ 2.551782] init: - watchdog -
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 2.563600] random: fast init done
Wed Mar 18 04:53:25 2020 user.info kernel: [ 3.592760] kmodloader: loading kernel modules from /etc/modules-boot.d/*
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.823065] usbcore: registered new interface driver usbfs
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.828851] usbcore: registered new interface driver hub
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.834450] usbcore: registered new device driver usb
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.845189] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.853340] ehci-platform: EHCI generic platform driver
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.859004] ehci-platform 1b000000.usb: EHCI Host Controller
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.864917] ehci-platform 1b000000.usb: new USB bus registered, assigned bus number 1
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.873084] ehci-platform 1b000000.usb: irq 13, io mem 0x1b000000
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.903600] ehci-platform 1b000000.usb: USB 2.0 started, EHCI 1.00
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.910696] hub 1-0:1.0: USB hub found
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 3.914912] hub 1-0:1.0: 1 port detected
Wed Mar 18 04:53:25 2020 user.info kernel: [ 3.919964] kmodloader: done loading kernel modules from /etc/modules-boot.d/*
Wed Mar 18 04:53:25 2020 user.info kernel: [ 3.937853] init: - preinit -
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 5.045187] random: jshn: uninitialized urandom read (4 bytes read)
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 5.285093] random: jshn: uninitialized urandom read (4 bytes read)
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 5.531898] random: jshn: uninitialized urandom read (4 bytes read)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 6.883218] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 6.889371] IPv6: ADDRCONF(NETDEV_UP): eth0.1: link is not ready
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 6.928292] urandom_read: 4 callbacks suppressed
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 6.928299] random: procd: uninitialized urandom read (4 bytes read)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 7.954876] eth0: link up (1000Mbps/Full duplex)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 7.959730] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 7.968447] IPv6: ADDRCONF(NETDEV_CHANGE): eth0.1: link becomes ready
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 10.168155] jffs2: notice: (508) jffs2_build_xattr_subsystem: complete building xattr subsystem, 23 of xdatum (2 unchecked, 21 orphan) and 45 of xref (21 dead, 0 orphan) found.
Wed Mar 18 04:53:25 2020 user.info kernel: [ 10.188210] mount_root: switching to jffs2 overlay
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 10.214312] overlayfs: upper fs does not support tmpfile.
Wed Mar 18 04:53:25 2020 user.warn kernel: [ 10.227802] urandom-seed: Seeding with /etc/urandom.seed
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 10.331027] eth0: link down
Wed Mar 18 04:53:25 2020 user.info kernel: [ 10.350429] procd: - early -
Wed Mar 18 04:53:25 2020 user.info kernel: [ 10.353496] procd: - watchdog -
Wed Mar 18 04:53:25 2020 user.info kernel: [ 11.030992] procd: - watchdog -
Wed Mar 18 04:53:25 2020 user.info kernel: [ 11.034564] procd: - ubus -
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 11.094727] random: ubusd: uninitialized urandom read (4 bytes read)
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 11.102950] random: ubusd: uninitialized urandom read (4 bytes read)
Wed Mar 18 04:53:25 2020 user.info kernel: [ 11.110757] procd: - init -
Wed Mar 18 04:53:25 2020 user.info kernel: [ 12.299991] urngd: v1.0.2 started.
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 12.418562] random: crng init done
Wed Mar 18 04:53:25 2020 user.info kernel: [ 13.281538] kmodloader: loading kernel modules from /etc/modules.d/*
Wed Mar 18 04:53:25 2020 kern.notice kernel: [ 13.742932] SCSI subsystem initialized
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 13.772424] ip6_tables: (C) 2000-2006 Netfilter Core Team
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 13.787614] Loading modules backported from Linux version v4.19.98-0-gd183c8e2647a
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 13.795483] Backport generated by backports.git v4.19.98-1-0-g8204eb99
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 13.805353] ip_tables: (C) 2000-2006 Netfilter Core Team
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 13.818655] nf_conntrack version 0.5.0 (2048 buckets, 8192 max)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 13.888221] usbcore: registered new interface driver usb-storage
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 13.910980] xt_time: kernel timezone is -0000
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 13.968121] PPP generic driver version 2.4.2
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 13.975264] NET: Registered protocol family 24
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 14.011977] ath10k 4.19 driver, optimized for CT firmware, probing pci device: 0x3c.
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 14.021524] PCI: Enabling device 0000:00:00.0 (0000 -> 0002)
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 14.027592] ath10k_pci 0000:00:00.0: pci irq legacy oper_irq_mode 1 irq_mode 0 reset_mode 0
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 14.308242] ath10k_pci 0000:00:00.0: Direct firmware load for ath10k/fwcfg-pci-0000:00:00.0.txt failed with error -2
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 14.319152] ath10k_pci 0000:00:00.0: Falling back to user helper
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 14.462772] firmware ath10k!fwcfg-pci-0000:00:00.0.txt: firmware_loading_store: map pages failed
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 14.472150] ath10k_pci 0000:00:00.0: Direct firmware load for ath10k/pre-cal-pci-0000:00:00.0.bin failed with error -2
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 14.483235] ath10k_pci 0000:00:00.0: Falling back to user helper
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 14.665566] firmware ath10k!pre-cal-pci-0000:00:00.0.bin: firmware_loading_store: map pages failed
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 14.676158] ath10k_pci 0000:00:00.0: Direct firmware load for ath10k/QCA988X/hw2.0/ct-firmware-5.bin failed with error -2
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 14.687519] ath10k_pci 0000:00:00.0: Falling back to user helper
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 14.866611] firmware ath10k!QCA988X!hw2.0!ct-firmware-5.bin: firmware_loading_store: map pages failed
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 14.876424] ath10k_pci 0000:00:00.0: Direct firmware load for ath10k/QCA988X/hw2.0/ct-firmware-2.bin failed with error -2
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 14.887779] ath10k_pci 0000:00:00.0: Falling back to user helper
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 15.074607] firmware ath10k!QCA988X!hw2.0!ct-firmware-2.bin: firmware_loading_store: map pages failed
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 15.084423] ath10k_pci 0000:00:00.0: Direct firmware load for ath10k/QCA988X/hw2.0/firmware-6.bin failed with error -2
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 15.095506] ath10k_pci 0000:00:00.0: Falling back to user helper
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 15.289098] firmware ath10k!QCA988X!hw2.0!firmware-6.bin: firmware_loading_store: map pages failed
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 15.298646] ath10k_pci 0000:00:00.0: Direct firmware load for ath10k/QCA988X/hw2.0/firmware-5.bin failed with error -2
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 15.309731] ath10k_pci 0000:00:00.0: Falling back to user helper
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 15.488495] firmware ath10k!QCA988X!hw2.0!firmware-5.bin: firmware_loading_store: map pages failed
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 15.498044] ath10k_pci 0000:00:00.0: Direct firmware load for ath10k/QCA988X/hw2.0/firmware-4.bin failed with error -2
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 15.509127] ath10k_pci 0000:00:00.0: Falling back to user helper
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 15.692120] firmware ath10k!QCA988X!hw2.0!firmware-4.bin: firmware_loading_store: map pages failed
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 15.701670] ath10k_pci 0000:00:00.0: Direct firmware load for ath10k/QCA988X/hw2.0/firmware-3.bin failed with error -2
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 15.712753] ath10k_pci 0000:00:00.0: Falling back to user helper
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 15.891533] firmware ath10k!QCA988X!hw2.0!firmware-3.bin: firmware_loading_store: map pages failed
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 16.099563] ath10k_pci 0000:00:00.0: qca988x hw2.0 target 0x4100016c chip_id 0x043202ff sub 0000:0000
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 16.109135] ath10k_pci 0000:00:00.0: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 16.121548] ath10k_pci 0000:00:00.0: firmware ver 10.1-ct-8x-__fW-022-b0e1b7cd api 2 features wmi-10.x,has-wmi-mgmt-tx,mfp,txstatus-noack,wmi-10.x-CT,ratemask-CT,txrate-CT,get-temp-CT,tx-rc-CT,cust-stats-CT,retry-gt2-CT,txrate2-CT,beacon-cb-CT,wmi-block-ack-CT crc32 1e527180
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 16.174852] ath10k_pci 0000:00:00.0: Direct firmware load for ath10k/QCA988X/hw2.0/board-2.bin failed with error -2
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 16.185660] ath10k_pci 0000:00:00.0: Falling back to user helper
Wed Mar 18 04:53:25 2020 kern.err kernel: [ 16.277728] firmware ath10k!QCA988X!hw2.0!board-2.bin: firmware_loading_store: map pages failed
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 16.287183] ath10k_pci 0000:00:00.0: board_file api 1 bmi_id N/A crc32 bebc7c08
Wed Mar 18 04:53:25 2020 kern.warn kernel: [ 17.234968] ath10k_pci 0000:00:00.0: 10.1 wmi init: vdevs: 16 peers: 127 tid: 256
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 17.252531] ath10k_pci 0000:00:00.0: wmi print 'P 128 V 8 T 410'
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 17.258995] ath10k_pci 0000:00:00.0: wmi print 'msdu-desc: 1424 sw-crypt: 0 ct-sta: 0'
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 17.267300] ath10k_pci 0000:00:00.0: wmi print 'alloc rem: 20904 iram: 26056'
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 17.335626] ath10k_pci 0000:00:00.0: htt-ver 2.1 wmi-op 2 htt-op 2 cal file max-sta 128 raw 0 hwcrypto 1
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 17.348612] ath10k_pci 0000:00:00.0: NOTE: Firmware DBGLOG output disabled in debug_mask: 0x10000000
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.486749] ath: EEPROM regdomain: 0x0
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.486755] ath: EEPROM indicates default country code should be used
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.486758] ath: doing EEPROM country->regdmn map search
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.486771] ath: country maps to regdmn code: 0x3a
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.486776] ath: Country alpha2 being used: US
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.486779] ath: Regpair used: 0x3a
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.564291] ath: EEPROM regdomain: 0x0
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.564299] ath: EEPROM indicates default country code should be used
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.564302] ath: doing EEPROM country->regdmn map search
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.564315] ath: country maps to regdmn code: 0x3a
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.564319] ath: Country alpha2 being used: US
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.564322] ath: Regpair used: 0x3a
Wed Mar 18 04:53:25 2020 kern.debug kernel: [ 17.576718] ieee80211 phy1: Selected rate control algorithm 'minstrel_ht'
Wed Mar 18 04:53:25 2020 kern.info kernel: [ 17.578285] ieee80211 phy1: Atheros AR9561 Rev:0 mem=0xb8100000, irq=2
Wed Mar 18 04:53:25 2020 user.info kernel: [ 17.667425] kmodloader: done loading kernel modules from /etc/modules.d/*
Wed Mar 18 04:53:27 2020 user.notice dnsmasq: DNS rebinding protection is active, will discard upstream RFC1918 responses!
Wed Mar 18 04:53:27 2020 user.notice dnsmasq: Allowing 127.0.0.0/8 responses
Wed Mar 18 04:53:27 2020 daemon.err procd: unable to find /sbin/ujail: No such file or directory (-1)
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: started, version 2.80 cachesize 150
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: DNS service limited to local subnets
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify dumpfile
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: using local addresses only for domain test
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: using local addresses only for domain onion
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: using local addresses only for domain localhost
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: using local addresses only for domain local
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: using local addresses only for domain invalid
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: using local addresses only for domain bind
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: using local addresses only for domain lan
Wed Mar 18 04:53:27 2020 daemon.warn dnsmasq[1142]: no servers found in /tmp/resolv.conf.auto, will retry
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: read /etc/hosts - 4 addresses
Wed Mar 18 04:53:27 2020 daemon.info dnsmasq[1142]: read /tmp/hosts/dhcp.cfg01411c - 1 addresses
Wed Mar 18 04:53:30 2020 user.notice : Added device handler type: 8021ad
Wed Mar 18 04:53:30 2020 user.notice : Added device handler type: 8021q
Wed Mar 18 04:53:30 2020 user.notice : Added device handler type: macvlan
Wed Mar 18 04:53:30 2020 user.notice : Added device handler type: veth
Wed Mar 18 04:53:30 2020 user.notice : Added device handler type: bridge
Wed Mar 18 04:53:30 2020 user.notice : Added device handler type: Network device
Wed Mar 18 04:53:30 2020 user.notice : Added device handler type: tunnel
Wed Mar 18 04:53:30 2020 cron.info crond[1288]: crond (busybox 1.30.1) started, log level 5
Wed Mar 18 04:53:32 2020 user.notice ucitrack: Setting up /etc/config/network reload dependency on /etc/config/dhcp
Wed Mar 18 04:53:32 2020 user.notice ucitrack: Setting up /etc/config/network reload dependency on /etc/config/radvd
Wed Mar 18 04:53:32 2020 user.notice ucitrack: Setting up /etc/config/wireless reload dependency on /etc/config/network
Wed Mar 18 04:53:32 2020 user.notice ucitrack: Setting up /etc/config/firewall reload dependency on /etc/config/luci-splash
Wed Mar 18 04:53:32 2020 user.notice ucitrack: Setting up /etc/config/firewall reload dependency on /etc/config/qos
Wed Mar 18 04:53:32 2020 user.notice ucitrack: Setting up /etc/config/firewall reload dependency on /etc/config/miniupnpd
Wed Mar 18 04:53:32 2020 user.notice ucitrack: Setting up /etc/config/dhcp reload dependency on /etc/config/odhcpd
Wed Mar 18 04:53:33 2020 user.notice ucitrack: Setting up non-init /etc/config/fstab reload handler: /sbin/block mount
Wed Mar 18 04:53:33 2020 user.notice ucitrack: Setting up /etc/config/system reload trigger for non-procd /etc/init.d/led
Wed Mar 18 04:53:33 2020 user.notice ucitrack: Setting up /etc/config/system reload dependency on /etc/config/luci_statistics
Wed Mar 18 04:53:33 2020 user.notice ucitrack: Setting up /etc/config/system reload dependency on /etc/config/dhcp
Wed Mar 18 04:53:34 2020 daemon.warn netifd: You have delegated IPv6-prefixes but haven't assigned them to any interface. Did you forget to set option ip6assign on your lan-interfaces?
Wed Mar 18 04:53:34 2020 daemon.notice procd: /etc/rc.d/S96led: setting up led WAN
Wed Mar 18 04:53:34 2020 daemon.notice procd: /etc/rc.d/S96led: setting up led LAN1
Wed Mar 18 04:53:34 2020 daemon.notice procd: /etc/rc.d/S96led: setting up led LAN2
Wed Mar 18 04:53:34 2020 daemon.notice procd: /etc/rc.d/S96led: setting up led LAN3
Wed Mar 18 04:53:34 2020 kern.info kernel: [ 28.283183] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
Wed Mar 18 04:53:34 2020 daemon.notice procd: /etc/rc.d/S96led: setting up led LAN4
Wed Mar 18 04:53:34 2020 kern.info kernel: [ 28.313687] br-lan: port 1(eth0.1) entered blocking state
Wed Mar 18 04:53:34 2020 kern.info kernel: [ 28.319274] br-lan: port 1(eth0.1) entered disabled state
Wed Mar 18 04:53:34 2020 kern.info kernel: [ 28.325154] device eth0.1 entered promiscuous mode
Wed Mar 18 04:53:34 2020 kern.info kernel: [ 28.330103] device eth0 entered promiscuous mode
Wed Mar 18 04:53:34 2020 kern.info kernel: [ 28.407327] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
Wed Mar 18 04:53:34 2020 daemon.notice netifd: Interface 'lan' is enabled
Wed Mar 18 04:53:34 2020 daemon.notice netifd: Interface 'lan' is setting up now
Wed Mar 18 04:53:34 2020 daemon.notice netifd: Interface 'lan' is now up
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: reading /tmp/resolv.conf.auto
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: using local addresses only for domain test
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: using local addresses only for domain onion
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: using local addresses only for domain localhost
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: using local addresses only for domain local
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: using local addresses only for domain invalid
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: using local addresses only for domain bind
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: using local addresses only for domain lan
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: using nameserver 8.8.8.8#53
Wed Mar 18 04:53:34 2020 daemon.info dnsmasq[1142]: using nameserver 8.8.4.4#53
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'loopback' is enabled
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'loopback' is setting up now
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'loopback' is now up
Wed Mar 18 04:53:35 2020 kern.info kernel: [ 28.688186] IPv6: ADDRCONF(NETDEV_UP): eth0.2: link is not ready
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'wan' is enabled
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'wan6' is enabled
Wed Mar 18 04:53:35 2020 kern.info kernel: [ 28.727628] IPv6: ADDRCONF(NETDEV_UP): br-lan_5G: link is not ready
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'lan_5G' is enabled
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'lan_5G' is setting up now
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'lan_5G' is now up
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: reading /tmp/resolv.conf.auto
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using local addresses only for domain test
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using local addresses only for domain onion
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using local addresses only for domain localhost
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using local addresses only for domain local
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using local addresses only for domain invalid
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using local addresses only for domain bind
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using local addresses only for domain lan
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using nameserver 8.8.8.8#53
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using nameserver 8.8.4.4#53
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using nameserver 8.8.8.8#53
Wed Mar 18 04:53:35 2020 daemon.info dnsmasq[1142]: using nameserver 8.8.4.4#53
Wed Mar 18 04:53:35 2020 kern.info kernel: [ 28.776089] IPv6: ADDRCONF(NETDEV_UP): br-guest: link is not ready
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'guest' is enabled
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'guest' is setting up now
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'guest' is now up
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Network device 'lo' link is up
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'loopback' has link connectivity
Wed Mar 18 04:53:35 2020 user.notice firewall: Reloading firewall due to ifup of lan (br-lan)
Wed Mar 18 04:53:35 2020 kern.info kernel: [ 29.315330] eth0: link up (1000Mbps/Full duplex)
Wed Mar 18 04:53:35 2020 kern.info kernel: [ 29.320187] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Wed Mar 18 04:53:35 2020 daemon.notice netifd: VLAN 'eth0.1' link is up
Wed Mar 18 04:53:35 2020 daemon.notice netifd: VLAN 'eth0.2' link is up
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'wan' has link connectivity
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'wan' is setting up now
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'wan6' has link connectivity
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Interface 'wan6' is setting up now
Wed Mar 18 04:53:35 2020 daemon.notice netifd: Network device 'eth0' link is up
Wed Mar 18 04:53:35 2020 kern.info kernel: [ 29.395437] br-lan: port 1(eth0.1) entered blocking state
Wed Mar 18 04:53:35 2020 kern.info kernel: [ 29.401024] br-lan: port 1(eth0.1) entered forwarding state
Wed Mar 18 04:53:35 2020 kern.info kernel: [ 29.407089] IPv6: ADDRCONF(NETDEV_CHANGE): eth0.2: link becomes ready
Wed Mar 18 04:53:36 2020 daemon.notice netifd: bridge 'br-lan' link is up
Wed Mar 18 04:53:36 2020 daemon.notice netifd: Interface 'lan' has link connectivity
Wed Mar 18 04:53:36 2020 kern.info kernel: [ 29.648525] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
Wed Mar 18 04:53:36 2020 daemon.notice netifd: wan (1664): udhcpc: started, v1.30.1
Wed Mar 18 04:53:37 2020 daemon.err odhcpd[1260]: Failed to send to ff02::1%lan@br-lan (Address not available)
Wed Mar 18 04:53:37 2020 daemon.notice netifd: wan (1664): udhcpc: sending discover
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.402183] ath: EEPROM regdomain: 0x8268
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.406378] ath: EEPROM indicates we should expect a country code
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.412666] ath: doing EEPROM country->regdmn map search
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.418176] ath: country maps to regdmn code: 0x37
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.423121] ath: Country alpha2 being used: PL
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.427730] ath: Regpair used: 0x37
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.431330] ath: regdomain 0x8268 dynamically updated by user
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.437350] ath: EEPROM regdomain: 0x8268
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.441488] ath: EEPROM indicates we should expect a country code
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.447795] ath: doing EEPROM country->regdmn map search
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.453282] ath: country maps to regdmn code: 0x37
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.458244] ath: Country alpha2 being used: PL
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.462830] ath: Regpair used: 0x37
Wed Mar 18 04:53:37 2020 kern.debug kernel: [ 31.466442] ath: regdomain 0x8268 dynamically updated by user
Wed Mar 18 04:53:38 2020 user.notice firewall: Reloading firewall due to ifup of lan_5G (br-lan_5G)
Wed Mar 18 04:53:38 2020 daemon.info procd: - init complete -
Wed Mar 18 04:53:38 2020 authpriv.info dropbear[1800]: Not backgrounding
Wed Mar 18 04:53:39 2020 daemon.err hostapd: Configuration file: /var/run/hostapd-phy0.conf
Wed Mar 18 04:53:40 2020 kern.warn kernel: [ 34.416827] ath10k_pci 0000:00:00.0: 10.1 wmi init: vdevs: 16 peers: 127 tid: 256
Wed Mar 18 04:53:40 2020 kern.info kernel: [ 34.434443] ath10k_pci 0000:00:00.0: wmi print 'P 128 V 8 T 410'
Wed Mar 18 04:53:40 2020 kern.info kernel: [ 34.440874] ath10k_pci 0000:00:00.0: wmi print 'msdu-desc: 1424 sw-crypt: 0 ct-sta: 0'
Wed Mar 18 04:53:40 2020 kern.info kernel: [ 34.449189] ath10k_pci 0000:00:00.0: wmi print 'alloc rem: 20904 iram: 26056'
Wed Mar 18 04:53:40 2020 kern.warn kernel: [ 34.522942] ath10k_pci 0000:00:00.0: pdev param 0 not supported by firmware
Wed Mar 18 04:53:40 2020 daemon.notice netifd: wan (1664): udhcpc: sending discover
Wed Mar 18 04:53:40 2020 kern.info kernel: [ 34.538567] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
Wed Mar 18 04:53:40 2020 kern.info kernel: [ 34.591655] br-lan_5G: port 1(wlan0) entered blocking state
Wed Mar 18 04:53:40 2020 kern.info kernel: [ 34.597470] br-lan_5G: port 1(wlan0) entered disabled state
Wed Mar 18 04:53:40 2020 kern.info kernel: [ 34.603492] device wlan0 entered promiscuous mode
Wed Mar 18 04:53:41 2020 daemon.notice hostapd: wlan0: interface state UNINITIALIZED->HT_SCAN
Wed Mar 18 04:53:41 2020 daemon.err hostapd: Configuration file: /var/run/hostapd-phy1.conf
Wed Mar 18 04:53:41 2020 daemon.notice hostapd: nl80211: deinit ifname=wlan1 disabled_11b_rates=0
Wed Mar 18 04:53:41 2020 daemon.err hostapd: nl80211 driver initialization failed.
Wed Mar 18 04:53:41 2020 daemon.err hostapd: Using interface wlan0 with hwaddr 00:11:22:33:44:55 and ssid "DOMEK-5G"
Wed Mar 18 04:53:41 2020 daemon.notice hostapd: wlan1: interface state UNINITIALIZED->DISABLED
Wed Mar 18 04:53:41 2020 daemon.notice hostapd: wlan1-1: AP-DISABLED
Wed Mar 18 04:53:41 2020 daemon.notice hostapd: wlan1-1: CTRL-EVENT-TERMINATING
Wed Mar 18 04:53:41 2020 daemon.err hostapd: hostapd_free_hapd_data: Interface wlan1-1 wasn't started
Wed Mar 18 04:53:41 2020 daemon.notice hostapd: wlan1: AP-DISABLED
Wed Mar 18 04:53:41 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-TERMINATING
Wed Mar 18 04:53:41 2020 daemon.err hostapd: hostapd_free_hapd_data: Interface wlan1 wasn't started
Wed Mar 18 04:53:41 2020 daemon.notice netifd: radio1 (1545): cat: can't open '/var/run/wifi-phy1.pid': No such file or directory
Wed Mar 18 04:53:41 2020 daemon.notice netifd: radio1 (1545): WARNING (wireless_add_process): executable path /usr/sbin/wpad does not match process path (/proc/exe)
Wed Mar 18 04:53:41 2020 daemon.notice netifd: radio1 (1545): Command failed: Invalid argument
Wed Mar 18 04:53:41 2020 daemon.notice netifd: radio1 (1545): Device setup failed: HOSTAPD_START_FAILED
Wed Mar 18 04:53:41 2020 kern.info kernel: [ 35.293821] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
Wed Mar 18 04:53:41 2020 kern.info kernel: [ 35.300598] br-lan_5G: port 1(wlan0) entered blocking state
Wed Mar 18 04:53:41 2020 kern.info kernel: [ 35.306401] br-lan_5G: port 1(wlan0) entered forwarding state
Wed Mar 18 04:53:41 2020 daemon.notice hostapd: wlan0: interface state HT_SCAN->ENABLED
Wed Mar 18 04:53:41 2020 daemon.notice hostapd: wlan0: AP-ENABLED
Wed Mar 18 04:53:41 2020 kern.info kernel: [ 35.335518] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan_5G: link becomes ready
Wed Mar 18 04:53:41 2020 daemon.notice netifd: bridge 'br-lan_5G' link is up
Wed Mar 18 04:53:41 2020 daemon.notice netifd: Interface 'lan_5G' has link connectivity
Wed Mar 18 04:53:41 2020 daemon.notice netifd: Network device 'wlan0' link is up
Wed Mar 18 04:53:43 2020 daemon.notice netifd: wan (1664): udhcpc: sending discover
Wed Mar 18 04:53:47 2020 daemon.err procd: unable to find /sbin/ujail: No such file or directory (-1)
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[1142]: exiting on receipt of SIGTERM
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: started, version 2.80 cachesize 150
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: DNS service limited to local subnets
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify dumpfile
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq-dhcp[2054]: DHCP, IP range 192.168.5.100 -- 192.168.5.249, lease time 8h
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq-dhcp[2054]: DHCP, IP range 192.168.1.100 -- 192.168.1.249, lease time 12h
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain test
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain onion
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain localhost
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain local
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain invalid
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain bind
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain lan
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: reading /tmp/resolv.conf.auto
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain test
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain onion
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain localhost
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain local
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain invalid
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain bind
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using local addresses only for domain lan
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using nameserver 8.8.8.8#53
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using nameserver 8.8.4.4#53
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using nameserver 8.8.8.8#53
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: using nameserver 8.8.4.4#53
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: read /etc/hosts - 4 addresses
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: read /tmp/hosts/dhcp.cfg01411c - 3 addresses
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq-dhcp[2054]: read /etc/ethers - 1 addresses
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: read /etc/hosts - 4 addresses
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq[2054]: read /tmp/hosts/dhcp.cfg01411c - 3 addresses
Wed Mar 18 04:53:47 2020 daemon.info dnsmasq-dhcp[2054]: read /etc/ethers - 1 addresses
Wed Mar 18 04:53:49 2020 daemon.err procd: unable to find /sbin/ujail: No such file or directory (-1)
Wed Mar 18 04:53:49 2020 daemon.info dnsmasq[2054]: read /etc/hosts - 4 addresses
Wed Mar 18 04:53:49 2020 daemon.info dnsmasq[2054]: read /tmp/hosts/dhcp.cfg01411c - 3 addresses
Wed Mar 18 04:53:49 2020 daemon.info dnsmasq-dhcp[2054]: read /etc/ethers - 1 addresses
Wed Mar 18 05:03:26 2020 daemon.info hostapd: wlan0: STA 60:57:18:20:65:02 IEEE 802.11: authenticated
Wed Mar 18 05:03:26 2020 daemon.info hostapd: wlan0: STA 60:57:18:20:65:02 IEEE 802.11: associated (aid 1)
Wed Mar 18 05:03:26 2020 daemon.notice hostapd: wlan0: AP-STA-CONNECTED 60:57:18:20:65:02
Wed Mar 18 05:03:26 2020 daemon.info hostapd: wlan0: STA 60:57:18:20:65:02 WPA: pairwise key handshake completed (RSN)
Wed Mar 18 05:03:26 2020 daemon.info dnsmasq-dhcp[2054]: DHCPREQUEST(br-lan_5G) 192.168.5.246 60:57:18:20:65:02
Wed Mar 18 05:03:26 2020 daemon.info dnsmasq-dhcp[2054]: DHCPACK(br-lan_5G) 192.168.5.246 60:57:18:20:65:02 Warstat
Wed Mar 18 05:03:30 2020 authpriv.info dropbear[2229]: Child connection from 192.168.5.246:38694
Wed Mar 18 05:03:36 2020 authpriv.notice dropbear[2229]: Password auth succeeded for 'root' from 192.168.5.246:38694
Wed Mar 18 05:03:43 2020 daemon.err uhttpd[1326]: luci: accepted login on /admin/network/wireless for root from 192.168.5.246Dodane i poszło.
Ślicznie dziękuję!
Pozdrawiam,
Marcin
eko.one.pl → Posty przez marcin_wawa
Forum oparte o PunBB, wspierane przez Informer Technologies, Inc