search

hxping7 / wl500g

Automatically exported from code.google.com/p/wl500g
0 stars 0 forks source link

iptables segmentation fault #317

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1.RT-N16-1.9.2.7-rtn-r4051.trx
2. nvram set misc_fastnat_x=0
3.nvram show | grep fastnat
size: 16181 bytes (16587 left)
misc_fastnat_x=0

What is the expected output? What do you see instead?
iptables -S
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N BRUTE
-N MACS
-N SECURITY
-N UPNP
-N logaccept
-N logdrop
-A INPUT -i tun0 -j ACCEPT
Segmentation fault

What version of the product are you using?
RT-N16-1.9.2.7-rtn-r4051.trx

Please provide any additional information below.
command iptables -S works fine with the hard drive disconnected from the 
router. How this could be fixed? I need it functional with the HD connected to 
the router.

Original issue reported on code.google.com by dmytro.v...@gmail.com on 28 Apr 2012 at 3:14

GoogleCodeExporter commented 9 years ago 
You are trying to use external software. We can't be responsible for it.

Original comment by lly.dev on 28 Apr 2012 at 6:07

GoogleCodeExporter commented 9 years ago 
You are not right, I do not use any external software, I use 
RT-N16-1.9.2.7-rtn-r4051.trx dodwnloaded form this website!

Original comment by dmytro.v...@gmail.com on 28 Apr 2012 at 6:57

GoogleCodeExporter commented 9 years ago 
Just compare output of "iptables -V" with/without HDD

Original comment by lly.dev on 29 Apr 2012 at 10:23

GoogleCodeExporter commented 9 years ago 
Here you go:
With HD-
$ iptables -V
iptables v1.4.3.2
Without HD-
$ iptables -V
iptables v1.4.3.2

Original comment by dmytro.v...@gmail.com on 29 Apr 2012 at 8:02

GoogleCodeExporter commented 9 years ago 
Without HD-
iptables -S
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N BRUTE
-N MACS
-N SECURITY
-N UPNP
-N logaccept
-N logdrop
-A INPUT -i tun0 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3389 -j ACCEPT
-A INPUT -i br0 -j MACS
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -i br0 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -d 224.0.0.0/4 -p igmp -j ACCEPT
-A INPUT -d 224.0.0.0/4 -p udp -m udp ! --dport 1900 -j ACCEPT
-A INPUT -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A INPUT -j DROP
-A FORWARD -o tun0 -j ACCEPT
-A FORWARD -i tun0 -j ACCEPT
-A FORWARD -i br0 -j MACS
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -d 224.0.0.0/4 -p udp -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD ! -i br0 -o vlan2 -j DROP
-A FORWARD -m conntrack --ctstate DNAT -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 12975 -j DROP
-A FORWARD -p tcp -m tcp --dport 32976 -j DROP
-A FORWARD -p udp -m udp --dport 17771 -j DROP
-A OUTPUT -o tun0 -j ACCEPT
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 
1/sec -j RETURN
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 
1/sec -j RETURN
-A SECURITY -p udp -m limit --limit 5/sec -j RETURN
-A SECURITY -p icmp -m limit --limit 5/sec -j RETURN
-A SECURITY -j DROP
-A logaccept -m conntrack --ctstate NEW -j LOG --log-prefix "ACCEPT " 
--log-tcp-sequence --log-tcp-options --log-ip-options --log-macdecode
-A logaccept -j ACCEPT
-A logdrop -m conntrack --ctstate NEW -j LOG --log-prefix "DROP " 
--log-tcp-sequence --log-tcp-options --log-ip-options --log-macdecode
-A logdrop -j DROP

Original comment by dmytro.v...@gmail.com on 29 Apr 2012 at 8:07

GoogleCodeExporter commented 9 years ago 
In case of you has Segfault interaction with HDD - it is effect of incompatible 
external shared libraries. It might be optware uClibc or other iptables 
libraries. You have to read wl500g.info forum or any Linux-related resource for 
more information.

unset LD_LIBRARY_PATH !

Original comment by lly.dev on 30 Apr 2012 at 11:20

GoogleCodeExporter commented 9 years ago 
Thank you-
With HD-
$ iptables -V
iptables v1.4.3.2

Without HD-
$ iptables -V
iptables v1.4.3.2

On Sun, Apr 29, 2012 at 6:23 AM, <wl500g@googlecode.com> wrote:

Original comment by dmytro.v...@gmail.com on 30 Apr 2012 at 4:23

GoogleCodeExporter commented 9 years ago 
I removed LD_LIBRARY_PATH from file /opt/etc/profile
LD_LIBRARY_PATH=/opt/lib:${LD_LIBRARY_PATH}

this solved my problem!

Original comment by dmytro.v...@gmail.com on 30 Apr 2012 at 5:06