OpenWrt Forum Archive

Topic: problem with wan network config

The content of this topic has been archived on 8 Mar 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

I guess I'm not able to write the network config file properly so that wan works straight on boot. Here's /etc/config/network:

config 'interface' 'loopback'
    option 'ifname' 'lo'
    option 'proto' 'static'
    option 'ipaddr' '127.0.0.1'
    option 'netmask' '255.0.0.0'

config 'interface' 'wan'
    option 'ifname' 'eth0'
#    option 'type' 'bridge'
    option 'proto' 'static'
    option 'netmask' '255.255.255.0'
    option 'dns' '128.176.0.12'
    option 'gateway' '192.168.1.1'
    option 'ipaddr' '192.168.1.3'
    option 'macaddr' ''
    option 'ip6addr' ''
    option 'ip6gw' ''

config 'interface' 'lan'
    option 'proto' 'static'
    option 'type' 'bridge'
    option 'macaddr' ''
    option 'ip6addr' ''
    option 'netmask' '255.255.255.0'
    option 'gateway' ''
    option 'ip6gw' ''
    option 'dns' ''
    option 'ifname' 'ath0'
    option 'ipaddr' '192.168.27.10'

With this, after boot everything looks as it should (ifconfig, route, lan works), except the connections on eth0 (wan) just time out ("ping 192.168.1.1" times out, although the LEDs on the OpenWrt box and the router blink as they should). Now when I edit the above file and remove the comment before the 'type bridge' and restart the network, suddenly all works as it should (now the main interface is br-wan with the correct IP, etc...).
The interesting thing is that when I leave it like this and reboot, the same trouble happens - connections just time out. After I edit the config/network file and comment out the bridge line again, and restart the network, everything works as it should again.

Where could the problem be? Thanks!

I think the problem is in the firewall configuration... by default I think it drops all traffic on the wan network.

You might also want to turn off masquerading, since they both look to be internal IP addresses. To do this, take out the "option masq 1" in the firewall config.

Well, I'm almost sure that's not it, since what I tried was to completely disable the firewall (/etc/init.d/firewall disable), reboot, and the problem remains exactly the same. I checked and there were no iptables rules loaded after reboot.

I also found out that when I edit the network config file back to the setting that was there on boot, the network again won't work. This is true regardless of whether the bridge option is commented out on boot or not.

I came across a similar problem and added the following line to /etc/firewall.user

iptables -I INPUT -j ACCEPT

That jumps an ACCEPT in front of everything else that iptables inserts. It's kind of brute force and I'd like to modify the actual iptables rule that creates the block in the first place, but I can do that later.

I know you said you disabled your firewall rules... but I thought I'd mention my fix anyway.
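
An added example, not part of any post in this thread: a check that scans iptables-save text for the kind of rule the last post inserts, an unconditional ACCEPT in the INPUT chain, and counts the later INPUT rules it shadows. The function names and the sample ruleset are constructed for illustration, and the input is assumed to be plain iptables-save output without -c counters.

```sh
#!/bin/sh
# Added example, not from the thread. Scans iptables-save text on stdin for an
# unconditional ACCEPT in the filter table INPUT chain and reports how many
# later INPUT rules it shadows. Exit status: 1 if such a rule exists, else 0.
# Assumes plain iptables-save output (no -c packet counters).

find_accept_all() {
    awk '
        /^\*/ { table = substr($0, 2); next }   # "*filter" opens a table
        table != "filter" || $1 != "-A" || $2 != "INPUT" { next }
        {
            pos++
            # Exactly "-A INPUT -j ACCEPT": no interface, source or state match.
            if (!hit && NF == 4 && $3 == "-j" && $4 == "ACCEPT") hit = pos
        }
        END {
            if (hit) printf "INPUT rule %d accepts all traffic; %d later rule(s) are never reached\n", hit, pos - hit
            exit (hit ? 1 : 0)
        }
    '
}

# Constructed sample: the ruleset after "iptables -I INPUT -j ACCEPT" has been
# applied on top of two ordinary INPUT rules (eth0 is the wan side, as above).
sample_ruleset() {
    cat <<'EOF'
*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -j DROP
COMMIT
EOF
}

sample_ruleset | find_accept_all || true
```

On a router with iptables-save installed, `iptables-save | find_accept_all` runs the same check against the live ruleset.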

The discussion might have continued from here.