Recent content by nick_max

Hi, Recently I have noticed a strange and very annoying issue in LAN > DHCP server settings page, "DNS and WINS Server Setting" section: the DNS IP address keeps deleting itself automatically, every time the WAN loses its connection. After WAN connection is restored, I have to manually enter...

All right :) Thank you so much for all your help and patience.

Yes, you're right. I suppose I would prefer my rules on top because of my OCD :)

Yes, that's right, I have an IPSec server running alongside OpenVPN. When I reboot the router, the OpenVPN rules are applied at the top, but when I restart the firewall they get demoted to line 6-8. Is there a way to always keep them on 1-3? Thank you.

Sure, please see below: Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT all -- ppp0 * 10.10.10.0/24 0.0.0.0/0 2 0 0 ACCEPT udp -- ppp0 *...

Hi Colin, At reboot, your script works perfectly and applies the custom firewall rules at the top. I have restarted the firewall manually and after that, the rules are applied on line 6, 7 and 8 (they are no longer at the top). This way the rules make no difference. Do you know what is...

Awesome, I did exactly as you said: - I've removed the firewall-start and openvpn-event files - created the openvpnserver1.postconf file with your code I'll wait and see what happens after a few days and reboots. I appreciate very much your help :) Cheers!

Hi Colin, Please see below: #!/bin/sh iptables -t nat -I PREROUTING -p tcp --dport xxx -j ACCEPT iptables -I INPUT -p tcp --dport xxx -j ACCEPT iptables -I OVPN -i tun21 -d 192.168.1.0/24 -j ACCEPT iptables -t mangle -I PREROUTING -i tun21 -j MARK --set-mark 0x01/0x7

Hi Colin, After a couple of days of seeing what's happening with the new script, I have noticed that after reboot, the iptables rules get applied successfully, but after a while these rules get automatically deleted. My assumption is that even though the rules are applied at reboot, somewhere...

Cheers! That's exactly what I'm trying to do: block everything except 2 IPs to my OpenVPN server. I will definitely try your script and let you know. Many thanks :)

All right, I did what you asked and this is what the syslog shows: Jun 30 20:56:59 custom_script: Running /jffs/scripts/openvpn-event (args: tun21 1500 1624 192.168.110.1 255.255.255.0 init) Jun 30 20:56:59 openvpn-event: tun21 Jun 30 20:56:59 asus: ===========< OpenVPN fw rlz applied...

I have renamed my file from firewall-start to openvpn-event. Now there's no more firewall-start. Should I rename back, reboot and see the parameters?

Many thanks for your input, I have renamed the file from firewall-start to openvpn-event, I've added your logger line and I've deleted the sleep command. The openvpn-event script is called 3 times in the log: Jun 30 20:12:06 custom_script: Running /jffs/scripts/openvpn-event (args: tun21 1500...

Nope, no dual-WAN in my router

Thanks for your reply. Unfortunately it is a problem because these custom rules are inserted 3 times into the INPUT chain. I can see that when I run the iptables -t filter -L INPUT -n -v command. If the firewall-start file is not a good place to put my custom rules, is there a way for these...