Ticket #2 (closed Bug report: wontfix)

Opened 3 years ago

Last modified 8 months ago

Wifidog don't work on OpenWRT experimental

Reported by: ludocornut Assigned to:
Priority: normal Milestone: Gateway 1.1.3
Component: Gateway Keywords:
Cc:

Description (Last modified by benoitg) 

Wifidog don't work on lastest OpenWRT experimetal 
version for Linksys WRT54G and WRT54GS.
Wifidog block well query on 80 port and redirect to login 
page, but don't block all port <> 80 !.

In lastest version of OpenWRT, the files S45firewall 
hasn't same format than before.

old and new iptables files are joined to this ...

Attachments

Change History

07/23/05 06:31:39 changed by kakaouete 

Logged In: YES 
user_id=793839

I finally find a way to fix this problem :

just put wifidog before S45firewall in booting process (for
example rename it S43wifidog)

And add a sleep 10 at the beginnig of S45firewall too
because wifidog take a little time to put its rules in
netfilter.

A way to fix it definitively is to use insert (-I) instead
of add (-A) in iptables command when adding rules to
standart chain.

07/27/05 12:33:01 changed by ludocornut 

Logged In: YES 
user_id=1273191

Another way to workaround this problem is to comment (in 
S45firewall) the line 
iptables -A FORWARD -i br0 -o br0 -j ACCEPT
iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
in FORWARDING section.

10/07/05 23:44:20 changed by fproulx 

Logged In: YES 
user_id=1245118

Isn't this one solved ?

10/08/05 07:39:37 changed by kakaouete 

Logged In: YES 
user_id=793839

I dindt try the fix by ludocornut, i guess it is ok.

I confirm itand maybe it will be fixed :]

10/08/05 08:00:33 changed by kakaouete 

Logged In: YES 
user_id=793839

looks like it is working :)

10/12/05 13:29:00 changed by max-horvath 

Logged In: YES 
user_id=1359416

I can confirm that applying ludocornut's patch to S45firewall fixes the 
problem.

I think we should add this information to the README or the installation 
instructions - or we should ship our own firewall script.

11/04/05 11:42:44 changed by fproulx 

Logged In: YES 
user_id=1245118

It's been working fine on Whiterussian for 2 months. I'm closing this one

11/04/05 11:42:46 changed by fproulx

  • status changed from assigned to closed.

01/20/06 18:17:23 changed by MaxHorvath

  • priority changed from 5 to 2.
  • status changed from closed to reopened.
  • version changed from v1.0 (example) to For 1.0.
  • resolution deleted.
  • milestone set to WifiDog Auth Server 1.0.

I repeat - this problem hasn't been fixed for now if you're using a bridged interface on the WRT54G(S) ...

Just another user in IRC reported the problem ...

We either fix it or we should write about it in our documentation or wiki ...

01/22/06 23:12:37 changed by benoitg

  • priority changed from 2 to normal.
  • version deleted.
  • description changed.
  • milestone deleted.

01/22/06 23:59:28 changed by benoitg

  • version set to Gateway SVN.

02/05/06 01:56:46 changed by anonymous

Removing following line from forward chain works for me

iptables -A FORWARD -i br0 -o br0 -j ACCEPT iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT I am using openwrt experimental

02/22/06 10:28:47 changed by max-horvath

  • status changed from reopened to closed.
  • resolution set to wontfix.
  • milestone set to Gateway 1.1.3.

I'll close this bug as I'll be adding the info to fix the problem to the wiki: 

If you are running the WiFiDog software on a WRT54G running a later OpenWrt firmware, the current firewall rules do not permit such behaviour.  You are going to have to disable forwarding from the bridge interface to the wan interface:

# The following have been commented out for WiFiDog to work
# iptables -A FORWARD -i br0 -o br0 -j ACCEPT
# iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT

03/14/06 23:31:45 changed by max-horvath

  • status changed from closed to reopened.
  • resolution deleted.

03/14/06 23:31:56 changed by max-horvath

  • status changed from reopened to new.
  • owner deleted.

03/14/06 23:32:27 changed by max-horvath

  • status changed from new to closed.
  • resolution set to wontfix.

Add/Change #2 (Wifidog don't work on OpenWRT experimental)




Action