Updated our main router to 388.1 over the weekend with the VPN client DNS set to Disabled. No issues so far. It looks like I found the issue and workaround.
I might have found a bug in the firmware. Is there a way to report an issue such as this?
Figured the issue out.
I use the router's OpenVPN to connect to a VPN provider and I have been setting the VPN Client DNS option to Strict. Changing that to Disabled seems to have fixed the issue.
I always use VPN Director and only a couple of devices were set to use the VPN and the rest are set...
I have been using Merlin Firmware for multiple years on RT-AX86U. I make use of a number of extensions such as JFFS, DNS Filter, VPN Director, etc. I moved to 388.1 when it was released in Dec 2022 and had random connectivity issues. I moved back to 386.7.2 which has no issues.
Recently, I...
192.168.100.0/25 (br0) is the main LAN where most of our devices are.
I separated one of the LAN ports on RT-AX86U and created another subnet 192.168.110.0/28 (br10) which is used for the home theater. These devices are isolated from br0 because there are some cloud-controlled devices in the...
Thanks for the prompt responses.
Yes. I added the PREROUTING rule.
It shows up as
PREROUTING -d 192.168.110.0/28 -p udp -m udp --dport 9 -j DNAT --to-destination 192.168.110.5
when I use the command
iptables -S PREROUTING -t nat
It shows up as
DNAT udp -- any any anywhere 192.168.110.0/28...
Nothing seems to be running at port 9.
The following shows in place of PREROUTING rule and WOL packets do not reach the subnet.
DNAT udp -- any any anywhere 192.168.-.-/25 udp dpt:discard to:192.168.-.-
in response to the command
iptables -vL -t nat
The rule set...
I recently discovered that the discard service is running on port 9 on Merlin AsusWRT when I tried to set up a PREROUTING rule for port 9 to enable WOL across subnets. On Linux, discard can be disabled by commenting out lines with the discard service in /etc/inetd/inetd.conf which does not exist on...
Running dos2unix does not change anything. That is not surprising because I created firewall-start directly on the router using vi. I still have to run "sh firewall-start" every time.
I am not using QoS or parental controls. I changed the NAT loopback setting to Asus and that did not change...
I checked and you are right. The rules disappear after reboot. Not sure how to make them persistent. The rules are in firewall-start in the folder /jffs/scripts.
Additionally, even if I use -I the rules registered show -A.
I reran the script after reboot and made sure the rules are present and...
External IP: 173.29.79.83. LAN IP: 192.168.2.10
The dropped packets show destination address as internal IP if the port 5060 is forwarded. Otherwise, they show external IP.
Tried -I option. That did not help. Log is as follows:
Sep 1 13:53:35 kernel: DROP <4>DROP IN=eth0 OUT= MAC=08:62:66:3b:dd:18:a4:4c:11:8a:a5:d9:08:00 <1>SRC=172.56.10.190 DST=192.168.2.10 <1>LEN=553 TOS=0x00 PREC=0x00 TTL=52 ID=11321 PROTO=UDP <1>SPT=37590 DPT=5060 LEN=533
Sep 1 13:53:36...
Setting up port forwarding for the port 5060 fixed the problem with connecting from the LAN using external IP address. But it still does not work from the WAN.
I added the firewall rules suggested on the site and executed the script. The packets are still dropped. Please see the log entries below:
Sep 1 11:10:43 kernel: DROP <4>DROP IN=eth0 OUT= MAC=08:62:66:3b:dd:18:a4:4c:11:8a:a5:d9:08:00 <1>SRC=172.56.2.20 DST=173.29.79.83 <1>LEN=555 TOS=0x00...