OpenWrt Forum Archive

Topic: Firewall issue

The content of this topic has been archived on 7 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi,

I'm running Kamikaze 8.09.1 brcm-2.4 on a Linksys WRT54GS 1.1.
Everything runs correctly for days, then the firewall port forwarding seems to stop. I can't connect to any forwarded port. I did a firewall restart using the init script, no change.
I have to reboot the router to get the firewall working for some days... I had a similar issue with a previous version: http://forum.openwrt.org/viewtopic.php?id=20250
I've run several versions of OpenWrt firmware on several Linksys WRT54G models (WRT54G, WRT54GS, WRT54GL); some never had this issue, others did.

Any help would be appreciated.

My /etc/config/firewall:

config 'defaults'
        option 'syn_flood' '1'
        option 'input' 'ACCEPT'
        option 'output' 'ACCEPT'
        option 'forward' 'REJECT'

config 'zone'
        option 'name' 'lan'
        option 'input' 'ACCEPT'
        option 'output' 'ACCEPT'
        option 'forward' 'REJECT'

config 'zone'
        option 'name' 'wan'
        option 'input' 'REJECT'
        option 'output' 'ACCEPT'
        option 'forward' 'REJECT'
        option 'masq' '1'        

config 'forwarding'
        option 'src' 'lan'
        option 'dest' 'wan'
        option 'mtu_fix' '1'

config 'include'
        option 'path' '/etc/firewall.user'

config 'redirect'
        option 'src' 'wan'
        option '_name' 'ftp'
        option 'proto' 'tcp'
        option 'src_dport' '21'
        option 'dest_ip' '192.168.1.3'
        option 'dest_port' '21'       
        option 'src_ip' '88.191.98.53'

config 'redirect'
        option 'src' 'wan'
        option '_name' 'ssh'
        option 'proto' 'tcp'
        option 'src_dport' '22'
        option 'dest_ip' '192.168.1.3'
        option 'dest_port' '22'       
        option 'src_ip' '88.191.98.53'

config 'redirect'
        option 'src' 'wan'
        option '_name' 'https'
        option 'proto' 'tcp'  
        option 'src_dport' '443'
        option 'dest_ip' '192.168.1.3'
        option 'dest_port' '443'      
        option 'src_ip' '88.191.98.53'

config 'redirect'
        option 'src' 'wan'
        option '_name' 'sabnzbd'
        option 'proto' 'tcp'    
        option 'src_dport' '8800'
        option 'dest_ip' '192.168.1.3'
        option 'dest_port' '8800'     
        option 'src_ip' '88.191.98.53'

config 'redirect'
        option 'src' 'wan'
        option '_name' 'ssh-ws'
        option 'proto' 'tcp'   
        option 'src_dport' '2234'
        option 'dest_ip' '192.168.1.1'
        option 'dest_port' '22'       
        option 'src_ip' '88.191.98.53'

config 'rule'
        option 'target' 'ACCEPT'
        option '_name' 'ping'   
        option 'src' 'wan'      
        option 'proto' 'icmp'   
        option 'src_ip' '88.191.98.53'

config 'rule'
        option '_name' 'no-smtp'
        option 'src' 'lan'
        option 'dest' 'wan'
        option 'proto' 'tcp'
        option 'dest_port' '25'
        option 'target' 'REJECT'

config 'rule'
        option 'target' 'ACCEPT'
        option '_name' 'smtp-free'
        option 'src' 'lan'
        option 'dest' 'wan'
        option 'dest_ip' '212.27.48.4'
        option 'proto' 'tcp'
        option 'dest_port' '25'

config 'rule'
        option 'target' 'ACCEPT'
        option '_name' 'smtp-makelofine'
        option 'src' 'lan'
        option 'dest' 'wan'
        option 'dest_ip' '88.191.98.53'
        option 'proto' 'tcp'
        option 'dest_port' '25'

config 'redirect'
        option 'src' 'wan'
        option '_name' 'ftp-fbx'
        option 'proto' 'tcp'
        option 'src_dport' '2121'
        option 'dest_ip' '212.27.40.254'
        option 'dest_port' '21'
        option 'src_ip' '88.191.98.53'

My firewall crashed again and I can't reboot my router every 2 days... please, someone help me.
