Hi!
I'm just beginner with OpenWrt (+Webif2). It runs (nearly) fine on my Asus WL-500GP (v1) for 3 days. But I've problem with NAT (it not translates clients requests to WAN). My router runs in classical AP mode with LAN switch bridged to wireless and 1 WAN port. When I configure clients with OpernWrt as a gateway, clients doesn't get WAN access. I've read howtos and documentation, however I haven't found any suitable solution. My ADSL modem has 192.168.1.1 address, OpenWrt WAN is 192.168.1.2, local network subnet id 10.9.8.0/24.
Here is my network configuration.
1. ifconfig:
br-lan Link encap:Ethernet HWaddr 00:1F:C6:36:EA:57
inet addr:10.9.8.2 Bcast:10.9.8.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2374 errors:0 dropped:0 overruns:0 frame:0
TX packets:1952 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:201136 (196.4 KiB) TX bytes:333663 (325.8 KiB)
eth0 Link encap:Ethernet HWaddr 00:1F:C6:36:EA:57
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2757 errors:0 dropped:0 overruns:0 frame:0
TX packets:2142 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:279894 (273.3 KiB) TX bytes:395473 (386.2 KiB)
Interrupt:4
eth0.0 Link encap:Ethernet HWaddr 00:1F:C6:36:EA:57
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2376 errors:0 dropped:0 overruns:0 frame:0
TX packets:1952 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:210708 (205.7 KiB) TX bytes:341471 (333.4 KiB)
eth0.1 Link encap:Ethernet HWaddr 00:1F:C6:36:EA:57
inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:385 errors:0 dropped:0 overruns:0 frame:0
TX packets:192 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:5
RX bytes:19844 (19.3 KiB) TX bytes:42682 (41.6 KiB)
imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP RUNNING NOARP MTU:1500 Metric:1
RX packets:554 errors:0 dropped:0 overruns:0 frame:0
TX packets:554 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:5
RX bytes:48883 (47.7 KiB) TX bytes:48883 (47.7 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:86 (86.0 B) TX bytes:86 (86.0 B)
wl0 Link encap:Ethernet HWaddr 00:1F:C6:36:EA:57
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:2520390
TX packets:0 errors:41 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:2 Base address:0x20002. brctl show:
bridge name bridge id STP enabled interfaces
br-lan 8000.001fc636ea57 no eth0.0
wl03. iptables -v -L:
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere state INVALID
1689 129K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 DROP tcp -- any any anywhere anywhere tcp option=!2 flags:SYN/SYN
1247 139K input_rule all -- any any anywhere anywhere
553 48255 input_wan all -- eth0.1 any anywhere anywhere
1247 139K LAN_ACCEPT all -- any any anywhere anywhere
0 0 ACCEPT icmp -- any any anywhere anywhere
0 0 ACCEPT gre -- any any anywhere anywhere
0 0 REJECT tcp -- any any anywhere anywhere reject-with tcp-reset
553 48255 REJECT all -- any any anywhere anywhere reject-with icmp-port-unreachable
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere state INVALID
0 0 TCPMSS tcp -- any any anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
0 0 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 forwarding_rule all -- any any anywhere anywhere
0 0 forwarding_wan all -- eth0.1 any anywhere anywhere
0 0 ACCEPT all -- br-lan br-lan anywhere anywhere
0 0 ACCEPT all -- br-lan eth0.1 anywhere anywhere
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere state INVALID
1564 276K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
456 72298 output_rule all -- any any anywhere anywhere
456 72298 ACCEPT all -- any any anywhere anywhere
0 0 REJECT tcp -- any any anywhere anywhere reject-with tcp-reset
0 0 REJECT all -- any any anywhere anywhere reject-with icmp-port-unreachable
Chain LAN_ACCEPT (1 references)
pkts bytes target prot opt in out source destination
553 48255 RETURN all -- eth0.1 any anywhere anywhere
694 90361 ACCEPT all -- any any anywhere anywhere
Chain forwarding_rule (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_wan (1 references)
pkts bytes target prot opt in out source destination
Chain input_rule (1 references)
pkts bytes target prot opt in out source destination
Chain input_wan (1 references)
pkts bytes target prot opt in out source destination
Chain output_rule (1 references)
pkts bytes target prot opt in out source destination4. iptables -v -L -t nat:
Chain PREROUTING (policy ACCEPT 759 packets, 53370 bytes)
pkts bytes target prot opt in out source destination
89 4296 NEW tcp -- any any anywhere anywhere state NEW
759 53370 prerouting_rule all -- any any anywhere anywhere
378 11184 prerouting_wan all -- eth0.1 any anywhere anywhere
Chain POSTROUTING (policy ACCEPT 254 packets, 33202 bytes)
pkts bytes target prot opt in out source destination
328 50177 postrouting_rule all -- any any anywhere anywhere
76 18062 MASQUERADE all -- any eth0.1 anywhere anywhere
Chain OUTPUT (policy ACCEPT 330 packets, 51264 bytes)
pkts bytes target prot opt in out source destination
Chain NEW (1 references)
pkts bytes target prot opt in out source destination
89 4296 RETURN all -- any any anywhere anywhere limit: avg 50/sec burst 100
0 0 DROP all -- any any anywhere anywhere
Chain postrouting_rule (1 references)
pkts bytes target prot opt in out source destination
Chain prerouting_rule (1 references)
pkts bytes target prot opt in out source destination
Chain prerouting_wan (1 references)
pkts bytes target prot opt in out source destination