OpenWrt Forum Archive

Topic: /etc/init.d/firewall getting wrong WAN interface

The content of this topic has been archived on 23 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

I reflashed Kamikaze 7.09 on my Netgear WGT634U, which had no network trouble before, but now...

I couldn't connect (HTTP or SSH) from the WAN side.
- Yes, I'd opened both of those ports in /etc/firewall.user and "iptables -L input_wan" showed the right rules:

# iptables -L input_wan
Chain input_wan (2 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:22
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:80

So, that chain must not be getting called.  It's supposed to be from this rule in the INPUT chain:

# iptables -L INPUT -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
...
    3   712 input_wan  all  --  ath0   any     anywhere             anywhere

But wait, "ath0" isn't my WAN interface!

# tail -3 /etc/config/network
config interface        wan
        option ifname   "eth0.1"
        option proto    dhcp

# uci show network.wan
network.wan=interface
network.wan.ifname=eth0.1
network.wan.proto=dhcp

So those two agree, but when /etc/init.d/firewall runs "config_get WAN wan ifname" it's getting the wrong device.  Why?

(Finally getting back to this problem)

# cat /var/state/network
config_set 'loopback' 'ifname' 'lo'
config_set 'loopback' 'up' '1'
config_set 'loopback' 'ifname' 'lo'
config_set 'loopback' 'up' '1'
config_set 'wan' 'ifname' 'eth0.1'          ###
config_set 'lan' 'ifname' 'br-lan'
config_set 'lan' 'up' '1'
config_set 'wan' 'ipaddr' '192.168.111.101'
config_set 'wan' 'ifname' 'ath0'            ###
config_set 'wan' 'netmask' '255.255.255.0'
config_set 'wan' 'dnsdomain' 'mycity.rr.com'
config_set 'wan' 'dns' '111.93.41.127 111.93.41.128'
config_set 'wan' 'gateway' '192.168.111.1'
config_set 'wan' 'up' '1'

Note that the 'loopback' items are duplicated - but that's not causing the problem. The problem is caused by the conflicting wan ifname lines! (I've added ### to make them stand out)

I removed /var/state/network and rebooted, and got the same file. Who's creating this, and why does it get the wrong wan ifname?
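
Added example (not part of the original posts and not OpenWrt's own code): a shell check for the condition found above, where one option is set twice with different values in a state file and the firewall chain ends up bound to the wrong interface. It assumes a later config_set line overrides an earlier one, which matches the ath0 result shown; the function names find_conflicts and effective_value are made up for this example, and the sample lines are trimmed from the dump above.

```shell
#!/bin/sh
# Added example: audit a config_set state file for conflicting assignments.

# find_conflicts FILE
# Print "section.option: v1 -> v2" for every option whose config_set lines
# disagree. Identical repeats (like the loopback lines) are not reported.
find_conflicts() {
    awk -F"'" '
        $1 ~ /^config_set / {
            key = $2 "." $4; val = $6 ""          # force string comparison
            if (!(key in hist)) { hist[key] = val; order[++n] = key }
            else if (last[key] != val) { hist[key] = hist[key] " -> " val; bad[key] = 1 }
            last[key] = val
        }
        END {
            for (i = 1; i <= n; i++)
                if (order[i] in bad) print order[i] ": " hist[order[i]]
        }' "$1"
}

# effective_value FILE SECTION OPTION
# Print the value a reader of the file ends up with (assumption: last one wins).
effective_value() {
    awk -F"'" -v s="$2" -v o="$3" '
        $1 ~ /^config_set / && $2 == s && $4 == o { v = $6 }
        END { print v }' "$1"
}

# Sample input, trimmed from the /var/state/network dump in the post.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
config_set 'loopback' 'ifname' 'lo'
config_set 'loopback' 'up' '1'
config_set 'loopback' 'ifname' 'lo'
config_set 'loopback' 'up' '1'
config_set 'wan' 'ifname' 'eth0.1'
config_set 'lan' 'ifname' 'br-lan'
config_set 'wan' 'ipaddr' '192.168.111.101'
config_set 'wan' 'ifname' 'ath0'
config_set 'wan' 'up' '1'
EOF

find_conflicts "$sample"
echo "WAN ifname seen by a last-wins reader: $(effective_value "$sample" wan ifname)"
```

On a router, comparing the effective value with "uci show network.wan" and with the "in" column of "iptables -L INPUT -v" shows whether the WAN rules are attached to the interface that is actually exposed.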
