Why doesn't this work anymore?

azuretech
Posted: Mon Nov 12, 2012 22:40
Okay, I was running an MI424WR running "DD-WRT v24-sp2 (07/20/12) std - build 19519" with wl0.1 on its own private subnet, on br1, with wl0 on br0, and the following firewall settings, and everything worked great... both the public and private AP had access to the internet, but not to each other...

So, I recently switched out to a WRT610Nv1, running (DD-WRT v24-sp2 (04/07/12) big - build 18946M NEWD-2 K2.6 Eko).

Now with the same bridging, same virtual interface setups, and same firewall settings, br1 can no longer access the internet. Any ideas as to why not?

Code:
wanif="`nvram get wan_ifname`"
iptables -I INPUT -i br1 -m state --state NEW -j logaccept
iptables -I FORWARD -i br1 -o $wanif -m state --state NEW -j ACCEPT
iptables -I FORWARD -i br0 -o br1 -j logdrop
iptables -I FORWARD -i br1 -o br0 -j logdrop
iptables -I INPUT -i br1 -p tcp --dport telnet -j REJECT --reject-with tcp-reset
iptables -I INPUT -i br1 -p tcp --dport www -j REJECT --reject-with tcp-reset
iptables -I INPUT -i br1 -p tcp --dport https -j REJECT --reject-with tcp-reset

I've also tried specifying the wan interface (on this router, it appears to be vlan2) directly instead of using nvram get wan_ifname and still no luck.

Any suggestions?

Sash
Posted: Tue Nov 13, 2012 20:43
Check iptables if it's added...

phuzi0n
Posted: Tue Nov 13, 2012 21:36
See the Multiple WLAN guide on the wiki. Newer builds no longer enable NAT on separated LAN interfaces so you need an iptables rule to enable NAT for them.
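
Added example (not part of the thread and not DD-WRT's own code): a shell check for the condition described in the last reply, run over rules in the format printed by "iptables -t nat -S", to see whether any source-NAT rule covers the separated bridge's subnet. The subnets, the WAN address and the MASQUERADE rule in the second sample are constructed assumptions; vlan2 is the WAN interface named in the first post.

```shell
#!/bin/sh
# Added example, not from the thread. Audits `iptables -t nat -S` output for
# a source-NAT rule that covers a separated bridge such as br1.

# has_wan_nat WANIF SRC_CIDR  (rules on stdin; exit 0 if SRC_CIDR is NATed)
has_wan_nat() {
    want_if=$1
    want_src=$2
    while read -r line; do
        # Negated matches ("! -o vlan2") are not evaluated; treat as no match.
        case $line in *'!'*) continue ;; esac
        chain='' out='' src='' target=''
        set -f              # no globbing while the rule is split into words
        set -- $line
        set +f
        while [ $# -gt 1 ]; do
            case $1 in
                -A) chain=$2 ;;
                -o) out=$2 ;;
                -s) src=$2 ;;
                -j) target=$2 ;;
            esac
            shift
        done
        [ "$chain" = POSTROUTING ] || continue
        [ "$out" = "$want_if" ] || continue
        case $target in SNAT|MASQUERADE) ;; *) continue ;; esac
        # A rule pinned to another subnet (e.g. br0's) does not cover br1.
        [ -z "$src" ] || [ "$src" = "$want_src" ] || continue
        return 0
    done
    return 1
}

# Constructed samples (addresses and subnets are assumptions): br0 is
# 192.168.1.0/24, br1 is 192.168.2.0/24, WAN is vlan2 as in the first post.
RULES_BEFORE='-P POSTROUTING ACCEPT
-A POSTROUTING -s 192.168.1.0/24 -o vlan2 -j SNAT --to-source 203.0.113.10'
RULES_AFTER="$RULES_BEFORE
-A POSTROUTING -s 192.168.2.0/24 -o vlan2 -j MASQUERADE"

# audit RULES WANIF SRC_CIDR -> prints "nat-ok" or "nat-missing"
audit() {
    if printf '%s\n' "$1" | has_wan_nat "$2" "$3"; then echo nat-ok
    else echo nat-missing; fi
}

audit "$RULES_BEFORE" vlan2 192.168.2.0/24   # only br0's subnet is NATed
audit "$RULES_AFTER"  vlan2 192.168.2.0/24   # a rule for br1 has been added
```

On the router itself, the live rules can be piped in instead of the samples: iptables -t nat -S POSTROUTING | has_wan_nat vlan2 192.168.2.0/24.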