FAQ o OpenWrt | Sprzedam różne routery | Oddam

2015-10-11 21:03:57

Dzięki za link. Mam nadzieje ze dobrze zrozumiałem. Otworzyłem port a później zrobiłem przekierowanie. Wpisy w firewall wyglądaj tak:

config remote_accept 'ra_80_80'
    option local_port '80'
    option remote_port '80'
    option proto 'tcp'
    option zone 'wan'


config redirect
    option name 'www'
    option src 'wan'
    option proto 'tcpudp'
    option src_dport '80'
    option dest_port '80'
    option dest_ip '192.168.2.190'

Po wpisaniu komendy iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
delegate_input  all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
delegate_forward  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
delegate_output  all  --  anywhere             anywhere

Chain MINIUPNPD (1 references)
target     prot opt source               destination

Chain delegate_forward (1 references)
target     prot opt source               destination
forwarding_rule  all  --  anywhere             anywhere            /* user chain                                                                                                  for forwarding */
ACCEPT     all  --  anywhere             anywhere            ctstate RELATED,EST                                                                                                 ABLISHED
zone_lan_forward  all  --  anywhere             anywhere
zone_wan_forward  all  --  anywhere             anywhere
reject     all  --  anywhere             anywhere

Chain delegate_input (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
input_rule  all  --  anywhere             anywhere            /* user chain for                                                                                                  input */
ACCEPT     all  --  anywhere             anywhere            ctstate RELATED,EST                                                                                                 ABLISHED
syn_flood  tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,R                                                                                                 ST,ACK/SYN
zone_lan_input  all  --  anywhere             anywhere
zone_wan_input  all  --  anywhere             anywhere

Chain delegate_output (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
output_rule  all  --  anywhere             anywhere            /* user chain for                                                                                                  output */
ACCEPT     all  --  anywhere             anywhere            ctstate RELATED,EST                                                                                                 ABLISHED
zone_lan_output  all  --  anywhere             anywhere
zone_wan_output  all  --  anywhere             anywhere

Chain forwarding_lan_rule (1 references)
target     prot opt source               destination

Chain forwarding_rule (1 references)
target     prot opt source               destination

Chain forwarding_wan_rule (1 references)
target     prot opt source               destination

Chain input_lan_rule (1 references)
target     prot opt source               destination

Chain input_rule (1 references)
target     prot opt source               destination

Chain input_wan_rule (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:50990:5099                                                                                                 9
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:81
           tcp  --  anywhere             anywhere            tcp dpt:ssh recent:                                                                                                  SET name: SSH_CHECK side: source
DROP       all  --  anywhere             anywhere            recent: UPDATE seco                                                                                                 nds: 300 hit_count: 11 name: SSH_CHECK side: source
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www

Chain output_lan_rule (1 references)
target     prot opt source               destination

Chain output_rule (1 references)
target     prot opt source               destination

Chain output_wan_rule (1 references)
target     prot opt source               destination

Chain reject (3 references)
target     prot opt source               destination
REJECT     tcp  --  anywhere             anywhere            reject-with tcp-res                                                                                                 et
REJECT     all  --  anywhere             anywhere            reject-with icmp-po                                                                                                 rt-unreachable

Chain syn_flood (1 references)
target     prot opt source               destination
RETURN     tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,R                                                                                                 ST,ACK/SYN limit: avg 25/sec burst 50
DROP       all  --  anywhere             anywhere

Chain zone_lan_dest_ACCEPT (3 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain zone_lan_forward (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
forwarding_lan_rule  all  --  anywhere             anywhere            /* user c                                                                                                 hain for forwarding */
zone_lan_dest_ACCEPT  tcp  --  192.168.2.0/24       dom-Komputer        tcp dpt:                                                                                                 www /* www (reflection) */
zone_lan_dest_ACCEPT  udp  --  192.168.2.0/24       dom-Komputer        udp dpt:                                                                                                 80 /* www (reflection) */
zone_wan_dest_ACCEPT  all  --  anywhere             anywhere            /* forwa                                                                                                 rding lan -> wan */
zone_lan_src_REJECT  all  --  anywhere             anywhere

Chain zone_lan_input (1 references)
target     prot opt source               destination
input_lan_rule  all  --  anywhere             anywhere            /* user chain                                                                                                  for input */
zone_lan_src_ACCEPT  all  --  anywhere             anywhere

Chain zone_lan_output (1 references)
target     prot opt source               destination
output_lan_rule  all  --  anywhere             anywhere            /* user chain                                                                                                  for output */
zone_lan_dest_ACCEPT  all  --  anywhere             anywhere

Chain zone_lan_src_ACCEPT (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain zone_lan_src_REJECT (1 references)
target     prot opt source               destination
reject     all  --  anywhere             anywhere

Chain zone_wan_dest_ACCEPT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain zone_wan_forward (1 references)
target     prot opt source               destination
MINIUPNPD  all  --  anywhere             anywhere
forwarding_wan_rule  all  --  anywhere             anywhere            /* user c                                                                                                 hain for forwarding */
ACCEPT     tcp  --  anywhere             dom-Komputer        tcp dpt:www /* www                                                                                                  */
ACCEPT     udp  --  anywhere             dom-Komputer        udp dpt:80 /* www *                                                                                                 /
zone_wan_src_REJECT  all  --  anywhere             anywhere

Chain zone_wan_input (1 references)
target     prot opt source               destination
input_wan_rule  all  --  anywhere             anywhere            /* user chain                                                                                                  for input */
ACCEPT     udp  --  anywhere             anywhere            udp dpt:bootpc /* A                                                                                                 llow-DHCP-Renew */
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request /                                                                                                 * Allow-Ping */
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:51413 /* tr                                                                                                 ansmission */
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9091 /* tra                                                                                                 nsmission_wan */
zone_wan_src_REJECT  all  --  anywhere             anywhere

Chain zone_wan_output (1 references)
target     prot opt source               destination
output_wan_rule  all  --  anywhere             anywhere            /* user chain                                                                                                  for output */
zone_wan_dest_ACCEPT  all  --  anywhere             anywhere

Chain zone_wan_src_REJECT (2 references)
target     prot opt source               destination
reject     all  --  anywhere             anywhere

Po restarcie routera port dalej zamknięty. Sprawdzane http://www.yougetsignal.com/tools/open-ports/ ,oraz nie widać www od strony wan. Jakieś wskazówki ?

2015-10-11 19:51:50

Adres IP na wanie na pewno zewnętrzny :87.101.20.2xx. ISP nic nie blokuje, wcześniej na pocie 80 mogłem logować się na urządzenie (teraz zmienione na 81)/FTP/trasmission.
Po wpisaniu

iptables -L

Nie widzę wpisu na temat portu 80. Dziwne ze nie działa, przekierowanie dodawałem z trybu graficznego. Po wpisaniu komendy:

Chain input_wan_rule (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:50990:50999
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:81
           tcp  --  anywhere             anywhere            tcp dpt:ssh recent: SET name: SSH_CHECK side: source
DROP       all  --  anywhere             anywhere            recent: UPDATE seconds: 300 hit_count: 11 name: SSH_CHECK side: source
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh

Domyślam się ze tu jest problem. Gdzie można edytować ten plik iptables? Wyszukałem coś takiego, ale dalej nie działa.

iptables -I FORWARD -i www -p tcp -d 192.168.2.190 --dport 80 -j ACCEPT

nastepnie

/etc/init.d/firewall restart

Port dalej zamkniety

2015-10-11 17:45:29

Hej,
Mam problem z przekierowaniem portu. Mam zewnętrzne IP i chciał bym udostępnić stronę www ze swojego PC (Xampp).
Po zrobieniu przekierowania port dalej jest zablokowany, sprawdzałem http://www.t1shopper.com/tools/port-scan/, oraz sprawdzając czy udostępniane www działa. Dodam ze localhost działa. Zapora Windowsa wyłączona, komputer ma stałe IP. Gdzie szukać problemy ?

Reguły:

config defaults
    option syn_flood '1'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

config zone
    option name 'lan'
    list network 'lan'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

config zone
    option name 'wan'
    list network 'wan'
    list network 'wan6'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'
    option masq '1'
    option mtu_fix '1'

config forwarding
    option src 'lan'
    option dest 'wan'

config rule
    option name 'Allow-DHCP-Renew'
    option src 'wan'
    option proto 'udp'
    option dest_port '68'
    option target 'ACCEPT'
    option family 'ipv4'

config rule
    option name 'Allow-Ping'
    option src 'wan'
    option proto 'icmp'
    option icmp_type 'echo-request'
    option family 'ipv4'
    option target 'ACCEPT'

config rule
    option name 'Allow-DHCPv6'
    option src 'wan'
    option proto 'udp'
    option src_ip 'fe80::/10'
    option src_port '547'
    option dest_ip 'fe80::/10'
    option dest_port '546'
    option family 'ipv6'
    option target 'ACCEPT'

config rule
    option name 'Allow-ICMPv6-Input'
    option src 'wan'
    option proto 'icmp'
    list icmp_type 'echo-request'
    list icmp_type 'echo-reply'
    list icmp_type 'destination-unreachable'
    list icmp_type 'packet-too-big'
    list icmp_type 'time-exceeded'
    list icmp_type 'bad-header'
    list icmp_type 'unknown-header-type'
    list icmp_type 'router-solicitation'
    list icmp_type 'neighbour-solicitation'
    list icmp_type 'router-advertisement'
    list icmp_type 'neighbour-advertisement'
    option limit '1000/sec'
    option family 'ipv6'
    option target 'ACCEPT'

config rule
    option name 'Allow-ICMPv6-Forward'
    option src 'wan'
    option dest '*'
    option proto 'icmp'
    list icmp_type 'echo-request'
    list icmp_type 'echo-reply'
    list icmp_type 'destination-unreachable'
    list icmp_type 'packet-too-big'
    list icmp_type 'time-exceeded'
    list icmp_type 'bad-header'
    list icmp_type 'unknown-header-type'
    option limit '1000/sec'
    option family 'ipv6'
    option target 'ACCEPT'

config include
    option path '/etc/firewall.user'
    option reload '1'

config include
    option type 'script'
    option path '/usr/lib/gargoyle_firewall_util/gargoyle_additions.firewall'
    option family 'IPv4'
    option reload '1'

config include 'miniupnpd'
    option type 'script'
    option path '/usr/share/miniupnpd/firewall.include'
    option family 'IPv4'
    option reload '1'

config include 'openvpn_include_file'
    option path '/etc/openvpn.firewall'
    option reload '1'

config remote_accept 'wan_ftp_server_command'
    option proto 'tcp'
    option zone 'wan'
    option local_port '21'
    option remote_port '21'

config remote_accept 'wan_ftp_server_pasv'
    option proto 'tcp'
    option zone 'wan'
    option start_port '50990'
    option end_port '50999'

config remote_accept 'ra_443_443'
    option local_port '443'
    option remote_port '443'
    option proto 'tcp'
    option zone 'wan'

config remote_accept 'ra_81_81'
    option local_port '81'
    option remote_port '81'
    option proto 'tcp'
    option zone 'wan'

config remote_accept 'ra_22_22'
    option local_port '22'
    option remote_port '22'
    option proto 'tcp'
    option zone 'wan'

config redirect 'redirect_enabled_number_0'
    option name 'kuba'
    option src 'wan'
    option dest 'lan'
    option proto 'tcp'
    option src_dport '80'
    option dest_ip '192.168.2.190'
    option dest_port '80'

2015-01-16 21:54:04

Cześć.
Czy ktoś próbował z powodzeniem zainstalować ten skrypt ? Python zainstalował się pomyślne, a przynajmniej tak mi się wydaje .
Przy instalowaniu chomikuploader-a

 python setup.py install
/usr/lib/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'console'
  warnings.warn(msg)
/usr/lib/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'zipfile'
  warnings.warn(msg)
running install
running build
running build_py
running build_scripts
running install_lib
running install_scripts
changing mode of /usr/bin/chomik to 755
running install_egg_info
Removing /usr/lib/python2.7/site-packages/chomikUploader_es-0.5.1-py2.7.egg-info
Writing /usr/lib/python2.7/site-packages/chomikUploader_es-0.5.1-py2.7.egg-info

Przy probie uruchomienia

python main.py
Traceback (most recent call last):
  File "main.py", line 11, in <module>
    import uploader
  File "/mnt/chomik/src/uploader.py", line 11, in <module>
    import view
  File "/mnt/chomik/src/view.py", line 11, in <module>
    import ctypes
  File "/usr/lib/python2.7/ctypes/__init__.py", line 10, in <module>
    from _ctypes import Union, Structure, Array
ImportError: File not found

2012-04-01 12:01:26

Witam.
Czy jest możliwość aby wysyłać/pobierać bezpośrednio z routera na którym jest gargoyle pliki na swoje konto na chomikuj.pl ?? Czy jest możne jakieś gotowe rozwiązanie?? Jeżeli nie prosił bym o nakierowanie mnie gdzie i czego szukać. Moje urządzenie to ubnt routerstation pro.

2011-08-25 08:51:28

Witam.
Posiadam tplinka 1043. Udało mi się na niego wgrać openwrt GargoylePL. Wszystko ładnie działa. następnym moim krokiem była próba wgrania klienta torrent -Transmission- zgodnie z instrukcja na stronie: http://eko.one.pl/?p=openwrt-transmission.
Zalogowałem się przez telnet i wpisuje polecenia zgodnie z opisem na stronie i otrzymuje coś takiego:

root@Gargoyle:~$ opkg install transmission-deamon
Unknown package 'transmission-deamon'.
Collected errors:
* opkg_install_cmd: Cannot install package transmission-deamon.

Pytanie co robię złe ? I jak zainstalować te 2 paczki :transmission-deamon, transmission-web

FAQ o OpenWrt | Sprzedam różne routery | Oddam

Opcje wyszukiwania

Znalezione posty: 6

1 Odpowiedź przez kuba848484 2015-10-11 21:03:57

Odp: Przepierowanie portu (6 odpowiedzi, napisanych Oprogramowanie / Software)

2 Odpowiedź przez kuba848484 2015-10-11 19:51:50

Odp: Przepierowanie portu (6 odpowiedzi, napisanych Oprogramowanie / Software)

3 Temat przez kuba848484 2015-10-11 17:45:29

Temat: Przepierowanie portu (6 odpowiedzi, napisanych Oprogramowanie / Software)

4 Temat przez kuba848484 2015-01-16 21:54:04

Temat: Gargoyle chomikuploader python (0 odpowiedzi, napisanych Oprogramowanie / Software)

5 Temat przez kuba848484 2012-04-01 12:01:26

Temat: Gargoyle chomikuj.pl (1 odpowiedzi, napisanych Oprogramowanie / Software)

6 Temat przez kuba848484 2011-08-25 08:51:28

Temat: tl-wr1043ND openwrt + torrent (2 odpowiedzi, napisanych Oprogramowanie / Software)

Znalezione posty: 6