stateful firewall problem wrt160nl

eltan
DD-WRT Novice


Joined: 23 Jan 2013
Posts: 1

Posted: Wed Jan 23, 2013 9:49    Post subject: stateful firewall problem wrt160nl
Hi,

I am using ddwrt r20463 on a Linksys WRT160NL.

I have been struggling for days to configure a stateful firewall using iptables.

Here is my configuration:
- Equipment in routing mode (no NAT)
- WAN (eth1) 192.168.0.2/255.255.255.0
- LAN (br0) 192.168.1.1/255.255.255.0
- SPI firewall enabled in web interface

Here is my iptables config:

#Flush of iptables config
iptables -F

#Default policy for FORWARD is DROP, the others are ACCEPT
iptables -P FORWARD DROP
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT


#allow outgoing connections
iptables -I FORWARD -i br0 -o eth1 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

#allow response from the outside
iptables -I FORWARD -i eth1 -o br0 -m state --state ESTABLISHED,RELATED -j ACCEPT

With this configuration no packets are forwarded.


Also, if I replace the last two lines with:

#allow outgoing connections
iptables -I FORWARD -i br0 -o eth1 -j ACCEPT

#allow response from the outside
iptables -I FORWARD -i eth1 -o br0 -m state --state ESTABLISHED,RELATED -j ACCEPT

What I notice is that the outgoing packets pass but the responses never pass.

It seems the SPI firewall is not working in ddwrt?

Thanks for any help on this