Ticket #2 (closed Bug report: wontfix)

Opened 14 years ago

Last modified 9 years ago

Wifidog don't work on OpenWRT experimental

Reported by: ludocornut Owned by:
Priority: normal Milestone: Gateway 1.1.3
Component: Gateway Version: Gateway SVN
Keywords: Cc:

Change History

Changed 14 years ago by kakaouete

Logged In: YES 
user_id=793839

I finally find a way to fix this problem :

just put wifidog before S45firewall in booting process (for
example rename it S43wifidog)

And add a sleep 10 at the beginnig of S45firewall too
because wifidog take a little time to put its rules in
netfilter.

A way to fix it definitively is to use insert (-I) instead
of add (-A) in iptables command when adding rules to
standart chain.

Changed 14 years ago by ludocornut

Logged In: YES 
user_id=1273191

Another way to workaround this problem is to comment (in 
S45firewall) the line 
iptables -A FORWARD -i br0 -o br0 -j ACCEPT
iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
in FORWARDING section.

Changed 14 years ago by fproulx

Logged In: YES 
user_id=1245118

Isn't this one solved ?

Changed 14 years ago by kakaouete

Logged In: YES 
user_id=793839

I dindt try the fix by ludocornut, i guess it is ok.

I confirm itand maybe it will be fixed :]

Changed 14 years ago by kakaouete

Logged In: YES 
user_id=793839

looks like it is working :)

Changed 14 years ago by max-horvath

Logged In: YES 
user_id=1359416

I can confirm that applying ludocornut's patch to S45firewall fixes the 
problem.

I think we should add this information to the README or the installation 
instructions - or we should ship our own firewall script.

Changed 14 years ago by fproulx

Logged In: YES 
user_id=1245118

It's been working fine on Whiterussian for 2 months. I'm closing this one

Changed 14 years ago by fproulx

  • status changed from assigned to closed

Changed 14 years ago by MaxHorvath

  • priority changed from 5 to 2
  • status changed from closed to reopened
  • version changed from v1.0 (example) to For 1.0
  • resolution None deleted
  • milestone set to WifiDog Auth Server 1.0

I repeat - this problem hasn't been fixed for now if you're using a bridged interface on the WRT54G(S) ...

Just another user in IRC reported the problem ...

We either fix it or we should write about it in our documentation or wiki ...

Changed 14 years ago by benoitg

  • priority changed from 2 to normal
  • version For 1.0 deleted
  • description modified (diff)
  • milestone WifiDog Auth Server 1.0 deleted

Changed 14 years ago by benoitg

  • version set to Gateway SVN

Changed 14 years ago by anonymous

Removing following line from forward chain works for me

iptables -A FORWARD -i br0 -o br0 -j ACCEPT iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT I am using openwrt experimental

Changed 14 years ago by max-horvath

  • status changed from reopened to closed
  • resolution set to wontfix
  • milestone set to Gateway 1.1.3

I'll close this bug as I'll be adding the info to fix the problem to the wiki:

If you are running the WiFiDog software on a WRT54G running a later OpenWrt firmware, the current firewall rules do not permit such behaviour.  You are going to have to disable forwarding from the bridge interface to the wan interface:

# The following have been commented out for WiFiDog to work
# iptables -A FORWARD -i br0 -o br0 -j ACCEPT
# iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT

Changed 14 years ago by max-horvath

  • status changed from closed to reopened
  • resolution wontfix deleted

Changed 14 years ago by max-horvath

  • owner nobody deleted
  • status changed from reopened to new

Changed 14 years ago by max-horvath

  • status changed from new to closed
  • resolution set to wontfix

Changed 9 years ago by jodoreps

  • description modified (diff)
Note: See TracTickets for help on using tickets.