1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

AC86U firewall-start IP logging

Discussion in 'Asuswrt-Merlin' started by Maverickcdn, Jan 18, 2019.

  1. Maverickcdn

    Maverickcdn Occasional Visitor

    Joined:
    Mar 14, 2018
    Messages:
    13
    Hello all

    Just upgraded from an N66 to the AC86u and slammed 384.8_2 on it.

    Ive set up some iptables in firewall-start for logging connections but they dont appear to be logging, firewall-start shows its been loaded at boot and doesnt flag any errors but nothing gets logged according to the rules.

    Also have settings in the logging page to 'Default Log Level>debug' Log messages more urgent>all'

    Can anyone offer up a suggestion on where I went wrong here? On the old N66 with this it would log all the connections to those rules and show them in the logging output in the webgui page, now it doesnt show anything. :(
     
  2. dave14305

    dave14305 Senior Member

    Joined:
    May 19, 2018
    Messages:
    345
    Can you post the output of
    Code:
    iptables -S
     
  3. Maverickcdn

    Maverickcdn Occasional Visitor

    Joined:
    Mar 14, 2018
    Messages:
    13
    With a little more time Ive done some more looking, iptables -L shows the rules arent even been added hence why they're not logging..... if I manually add them they work. Seems I have an issue somewhere in my firewall-start

    its created in Notepad++ and chmod a+rx Im kinda confused now...
     
  4. dave14305

    dave14305 Senior Member

    Joined:
    May 19, 2018
    Messages:
    345
    Don’t you need a line number after the chain name (FORWARD, INPUT) for inserts?
     
  5. Maverickcdn

    Maverickcdn Occasional Visitor

    Joined:
    Mar 14, 2018
    Messages:
    13
    So if get with no other mention in the log
    during boot .... and have the script listed above in firewall-start... but IPTABLES isn't showing the rules is it an issue with the formatting of my firewall-start file maybe?? Might try just typing it out in nano over ssh and see if it makes a difference

    it just inserts to the top of the chain
     
  6. dave14305

    dave14305 Senior Member

    Joined:
    May 19, 2018
    Messages:
    345
    If you uploaded it from a PC, run
    Code:
    dos2unix /jffs/scripts/firewall-start
     
  7. Maverickcdn

    Maverickcdn Occasional Visitor

    Joined:
    Mar 14, 2018
    Messages:
    13
    Boom! Thank you

    Simple oversight by me quickly corrected by another kind forum member, you da man!
     
    dave14305 likes this.