javitu / rt-n56u

Automatically exported from code.google.com/p/rt-n56u

Firewall rules not saving #1401

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. vi /etc/storage/post_iptables_script.sh
2. Add:

#!/bin/sh

### Custom user script
### Called after internal iptables reconfig (firewall update)
iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 208.122.23.23
iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to 208.122.23.22

3. run /etc/storage/post_iptables_script.sh
4. run iptables -nvL

Chain INPUT (policy DROP 4 packets, 437 bytes)
 pkts bytes target     prot opt in     out     source               destination
 2093  360K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
  786 87323 ACCEPT     all  --  br0    *       0.0.0.0/0            0.0.0.0/0
   27  1955 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    2    84 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            state INVALID
   13  4359 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:67 dpt:68
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:1723
    0     0 ACCEPT     47   --  *      *       0.0.0.0/0            0.0.0.0/0
  124 10721 vpnlist    all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmp !type 8

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    6   508 ACCEPT     all  --  br0    br0     0.0.0.0/0            0.0.0.0/0
    0     0 TCPMSS     tcp  --  ppp+   *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x06/0x02 TCPMSS clamp to PMTU
14227 6075K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
   56  2636 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            state INVALID
  770  144K ACCEPT     all  --  br0    *       0.0.0.0/0            0.0.0.0/0
    2   112 vpnlist    all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.10.1         tcp dpt:8080
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.10.1         tcp dpt:8082
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.10.1         tcp dpt:8081
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.10.3         tcp dpt:8999
    2   112 upnp       all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 189 packets, 29422 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain bfplimit (0 references)
 pkts bytes target     prot opt in     out     source               destination

Chain maclist (0 references)
 pkts bytes target     prot opt in     out     source               destination

Chain upnp (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain urllist (0 references)
 pkts bytes target     prot opt in     out     source               destination

Chain vpnlist (2 references)
 pkts bytes target     prot opt in     out     source               destination

The added routes are nowhere to be found. I tried everything, but the rules 
just don't show up.

I'm using 3.4.3.8-088 base

Original issue reported on code.google.com by rogierve...@gmail.com on 13 Jan 2015 at 12:52

GoogleCodeExporter commented 8 years ago
You should run
iptables -nvL -t nat
or
iptables -S -t nat

because you added the rule to the "nat" table.

Original comment by d...@soulblader.com on 13 Jan 2015 at 6:29
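
The point of the reply above, as an added example (not code from the issue or from the firmware project): `iptables -nvL` without `-t` lists only the `filter` table, so rules appended with `-t nat` never appear in it. The script scans a dump in `iptables-save` format and reports which table holds the DNS redirect; the sample ruleset is constructed, the function names are hypothetical, and it assumes `iptables-save` is available on the device.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not output from the reporter's router).
# It mirrors the issue: the two DNAT rules live in the nat table, not in filter.
SAMPLE_RULESET='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i br0 -p udp -m udp --dport 53 -j DNAT --to-destination 208.122.23.23
-A PREROUTING -i br0 -p tcp -m tcp --dport 53 -j DNAT --to-destination 208.122.23.22
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i br0 -j ACCEPT
COMMIT'

# tables_with_rule PATTERN (hypothetical helper)
# Reads an iptables-save dump on stdin and prints the name of every table
# that holds at least one "-A" rule matching the extended regex PATTERN.
tables_with_rule() {
    awk -v pat="$1" '
        /^\*/ { table = substr($0, 2); next }   # a "*nat" line starts a table section
        /^-A / && $0 ~ pat { if (!(table in seen)) { seen[table] = 1; print table } }
    '
}

# count_rules TABLE PATTERN (hypothetical helper)
# Counts the matching "-A" rules inside one table of the dump on stdin.
count_rules() {
    awk -v want="$1" -v pat="$2" '
        /^\*/ { table = substr($0, 2); next }
        table == want && /^-A / && $0 ~ pat { n++ }
        END { print n + 0 }
    '
}

# Regex for the DNS redirect rules added by post_iptables_script.sh.
DNS_DNAT='--dport 53 .*-j DNAT'

# Stand-alone run over the constructed sample; on a live system, pipe
# the output of iptables-save into the same functions instead.
for t in filter nat; do
    n=$(printf '%s\n' "$SAMPLE_RULESET" | count_rules "$t" "$DNS_DNAT")
    echo "table $t: $n DNS DNAT rule(s)"
done
```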