NAT Loopback (port forwarding) fix for builds 15760-19969

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3, ... 9, 10, 11  Next
Author Message
kamileczek123
DD-WRT Novice


Joined: 28 Jan 2010
Posts: 6

PostPosted: Sun Mar 27, 2011 4:27    Post subject: Reply with quote
Tested on WRT610N v1 with pre v24-sp2 build 16454 (K2.6-NEWD-2) and this script doesn't work... too bad.
Sponsor
watchman2
DD-WRT Novice


Joined: 30 Mar 2011
Posts: 1

PostPosted: Wed Mar 30, 2011 0:44    Post subject: Reply with quote
Will this allow loopback to work?
bmupton
DD-WRT User


Joined: 16 Mar 2011
Posts: 111
Location: Saskatoon, SK, Canada

PostPosted: Wed Mar 30, 2011 1:58    Post subject: Reply with quote
watchman2 wrote:
Will this allow loopback to work?


It does exactly that for me. Running the build shown in my signature.
atkinj
DD-WRT Novice


Joined: 04 Apr 2011
Posts: 1

PostPosted: Mon Apr 04, 2011 16:26    Post subject: Reply with quote
Had just upgraded both my WRT160nV3's to the latest and after 1.5 hours of troubleshooting and googling... this is the only/best solution.

Many, many thanks. WIll keep you posted if things break down.

- J
buddee
DD-WRT Guru


Joined: 06 Feb 2010
Posts: 7385
Location: Little Rock

PostPosted: Tue Apr 05, 2011 1:48    Post subject: Reply with quote
Code tested and seems working on my WZR-HP-G300NH and WRT160NL (and yes i know this isn't the Atheros section but still relevant info). Also seems working on WNR3500L, E2000, and WHR-HP-G54 (running NEWD 15943 nokaid)

Best Regards.

_________________
Wireless N Config | Linking Routers | DD-WRT Wiki | DD-WRT Builds | Peacock - Broadcom FAQ

Having problems with port forwarding? Check out Port Forward Troubleshooting for more info.
underminded000
DD-WRT Novice


Joined: 06 Oct 2010
Posts: 3

PostPosted: Thu Apr 07, 2011 1:01    Post subject: Reply with quote
Thank you very much for this. I use RDP religiously among other apps that require port forwarding and this is a god send. Working on Linksys E3000 mega- build 16454
MSgtSimon
DD-WRT Novice


Joined: 13 Sep 2010
Posts: 2

PostPosted: Thu Apr 07, 2011 23:56    Post subject: Reply with quote
I upgraded from a 14xxx build to the latest 16xxx build and loopback wasn't working for me. With this, it is. Sweet deal and thanks!
tsume
DD-WRT Novice


Joined: 08 Apr 2011
Posts: 14

PostPosted: Fri Apr 08, 2011 1:25    Post subject: Reply with quote
Just installed the latest DDWRT on my TP-Link (I know, wrong forum, but the topic here applies to Atheros as well) and was really frustrated at the lack of loopback.

With this fix, it's working perfectly! THANK YOU!!

Hopefully future builds will incorporate this somehow Smile
poldim
DD-WRT Novice


Joined: 14 Apr 2011
Posts: 7

PostPosted: Thu Apr 14, 2011 16:32    Post subject: Reply with quote
phuzi0n,

I tried this in my router and it appears to have no effect. Do I need to upgrade to the mega build in order for this to work? And if that is the case, is anyone running the 16773 mega on an E3000?

DD-WRT v24-sp2 (04/11/11) mini (SVN revision 16773M NEWD-2 K2.6 Eko)
Linksys E3000

crashfly
DD-WRT Guru


Joined: 24 Feb 2009
Posts: 2025
Location: Sol System > Earth > USA > Arkansas

PostPosted: Thu Apr 14, 2011 16:38    Post subject: Reply with quote
poldim wrote:
I tried this in my router and it appears to have no effect. Do I need to upgrade to the mega build in order for this to work?

Did you do a reboot after putting that in your firewall script? And no, you do not need to have the mega version. It should work with all standard and up.

_________________
E3000 22200M KongVPN K26
WRT600n v1.1 refirb mega 18767 BS K24 NEWD2 [not used]
WRT54G v2 16214 BS K24 [access point]

Try Dropbox for syncing files - get 2.5gb online for free by signing up.

Read! Peacock thread
*PLEASE* upgrade PAST v24SP1 or no support.
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10143

PostPosted: Thu Apr 14, 2011 18:28    Post subject: Reply with quote
Make sure that your port forwards work from the outside before trying this so that there is no confusion over whether it didn't work or if you simply aren't configuring port forwards correctly. If the rules in this post don't work for you then check if any of the other ones from the bug ticket do work for you.

You can also telnet/ssh to the router (do not use the GUI!) and run these commands to check if the commands are working or not.

lsmod
iptables -t mangle -vnL PREROUTING
iptables -t nat -vnL POSTROUTING


A lot of new users are commenting but you really ought to just stick to the recommended builds if you're new.

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
poldim
DD-WRT Novice


Joined: 14 Apr 2011
Posts: 7

PostPosted: Fri Apr 15, 2011 15:59    Post subject: Reply with quote
crashfly wrote:
poldim wrote:
I tried this in my router and it appears to have no effect. Do I need to upgrade to the mega build in order for this to work?

Did you do a reboot after putting that in your firewall script? And no, you do not need to have the mega version. It should work with all standard and up.


It was rebooted. 5 min uptime in the screenshot.
poldim
DD-WRT Novice


Joined: 14 Apr 2011
Posts: 7

PostPosted: Fri Apr 15, 2011 16:15    Post subject: Reply with quote
phuzi0n wrote:
Make sure that your port forwards work from the outside before trying this so that there is no confusion over whether it didn't work or if you simply aren't configuring port forwards correctly. If the rules in this post don't work for you then check if any of the other ones from the bug ticket do work for you.

You can also telnet/ssh to the router (do not use the GUI!) and run these commands to check if the commands are working or not.

lsmod
iptables -t mangle -vnL PREROUTING
iptables -t nat -vnL POSTROUTING


A lot of new users are commenting but you really ought to just stick to the recommended builds if you're new.


Already did. My Xoom hits all the forwarded ports as it did prior to my upgrade to the E3000 (310 previous used).

Code:

DD-WRT v24-sp2 mini (c) 2011 NewMedia-NET GmbH
Release: 04/11/11 (SVN revision: 16773)

DD-WRT login: root
Password:
==========================================================

 ____  ___    __        ______ _____         ____  _  _
 | _ \| _ \   \ \      / /  _ \_   _| __   _|___ \| || |
 || | || ||____\ \ /\ / /| |_) || |   \ \ / / __) | || |_
 ||_| ||_||_____\ V  V / |  _ < | |    \ V / / __/|__   _|
 |___/|___/      \_/\_/  |_| \_\|_|     \_/ |_____|  |_|

                       DD-WRT v24-sp2
                   http://www.dd-wrt.com

==========================================================


BusyBox v1.13.4 (2011-04-11 16:40:06 CEST) built-in shell (ash)
Enter 'help' for a list of built-in commands.

root@DD-WRT:~# lsmod
Module                  Size  Used by
nf_nat_pptp             4096  0
nf_conntrack_pptp       4096  1 nf_nat_pptp
nf_nat_proto_gre        4096  1 nf_nat_pptp
nf_conntrack_proto_gre     4096  1 nf_conntrack_pptp
xt_mark                 4096  1
etherip                 8192  0
switch_robo             4096  0
switch_core             8192  1 switch_robo
bcm57xx               106496  0
root@DD-WRT:~# iptables -t mangle -vnL PREROUTING
Chain PREROUTING (policy ACCEPT 1208 packets, 202K bytes)
 pkts bytes target     prot opt in     out     source               destination

    5   582 MARK       0    --  !vlan2 *       0.0.0.0/0            67.169.79.***       MARK set 0xd001
root@DD-WRT:~# iptables -t nat -vnL POSTROUTING
Chain POSTROUTING (policy ACCEPT 292 packets, 37947 bytes)
 pkts bytes target     prot opt in     out     source               destination

   29  3439 SNAT       0    --  *      vlan2   0.0.0.0/0            0.0.0.0/0        to:67.169.79.***
    0     0 RETURN     0    --  *      br0     0.0.0.0/0            0.0.0.0/0        PKTTYPE = broadcast
    1    48 MASQUERADE  0    --  *      *       0.0.0.0/0            0.0.0.0/0         MARK match 0xd001
root@DD-WRT:~#



I'm not sure what to be looking for here. Anything look out of place?
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10143

PostPosted: Fri Apr 15, 2011 18:54    Post subject: Reply with quote
poldim wrote:
root@DD-WRT:~# iptables -t mangle -vnL PREROUTING
Chain PREROUTING (policy ACCEPT 1208 packets, 202K bytes)
pkts bytes target prot opt in out source destination

5 582 MARK 0 -- !vlan2 * 0.0.0.0/0 67.169.79.*** MARK set 0xd001
root@DD-WRT:~# iptables -t nat -vnL POSTROUTING
Chain POSTROUTING (policy ACCEPT 292 packets, 37947 bytes)
pkts bytes target prot opt in out source destination

29 3439 SNAT 0 -- * vlan2 0.0.0.0/0 0.0.0.0/0 to:67.169.79.***
0 0 RETURN 0 -- * br0 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
1 48 MASQUERADE 0 -- * * 0.0.0.0/0 0.0.0.0/0 MARK match 0xd001
root@DD-WRT:~#


I'm not sure what to be looking for here. Anything look out of place?

Well the rules are there and appear to be working but 5 packets came from your LAN to the WAN IP yet only 1 packet made it back out to the LAN.

I'll need to see the full tables to see if something like Access Restrictions is blocking it. The output will be long so please either PM it or attach as a text file.

iptables -vnL
iptables -t nat -vnL
iptables -t mangle -vnL

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
heffneil
DD-WRT Novice


Joined: 05 Apr 2011
Posts: 8

PostPosted: Sat Apr 16, 2011 1:41    Post subject: Reply with quote
I believe this is exactly what I need to do on my router but the question is do I have to run commands for iptables before or is setting up port forwards essentially the same thing?!

Thanks!

Neil
Goto page Previous  1, 2, 3, ... 9, 10, 11  Next Display posts from previous:    Page 2 of 11
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum