Gargoyle 1.11.0 Release Candidate 5

Want to share your OpenWrt / Gargoyle knowledge? Implemented a new feature? Let us know here.

Moderator: Moderators

Lantis
Moderator
Posts: 5051
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Gargoyle 1.11.0 Release Candidate 5

Postby Lantis » Tue Feb 19, 2019 4:13 pm

I can’t add space to your router. The firmware is growing, not shrinking.
You could use a USB stick to expand your plugin space?

The Adblock plugin needs a bit of work, yes. But that won’t change the storage limits.
Routers: Various ar71xx/mvebu/x86-64
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases

top_s
Posts: 37
Joined: Mon Aug 13, 2018 10:09 pm
Location: Brazil

Re: Gargoyle 1.11.0 Release Candidate 5

Postby top_s » Thu Feb 21, 2019 12:41 pm

1.11.0 is available for download in "download" section of this site as experimental:

https://www.gargoyle-router.com/download.php

Is it the same release as this RC5?
WDR4300 v1 (stock)
WR941nd v2 (1.9.2)
WA901nd v2 (1.6.2)
2x WR741nd (1.6.2)

(Up to) 1gbps up/down link

ispyisail
Moderator
Posts: 4632
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Gargoyle 1.11.0 Release Candidate 5

Postby ispyisail » Thu Feb 21, 2019 2:08 pm

Is it the same release as this RC5?

I don't think so

https://github.com/ericpaulbishop/gargo ... its/master

Lantis
Moderator
Posts: 5051
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Gargoyle 1.11.0 Release Candidate 5

Postby Lantis » Thu Feb 21, 2019 4:16 pm

No it has had several updates.

I’m going to remove RC1-4, and remove RC5 is a few months.
Routers: Various ar71xx/mvebu/x86-64
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases

top_s
Posts: 37
Joined: Mon Aug 13, 2018 10:09 pm
Location: Brazil

Re: Gargoyle 1.11.0 Release Candidate 5

Postby top_s » Thu Feb 21, 2019 5:05 pm

Great.

Huge thanks to y'all!
WDR4300 v1 (stock)
WR941nd v2 (1.9.2)
WA901nd v2 (1.6.2)
2x WR741nd (1.6.2)

(Up to) 1gbps up/down link

User avatar
RomanHK
Posts: 372
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: Gargoyle 1.11.0 Release Candidate 5

Postby RomanHK » Thu Feb 21, 2019 10:03 pm

Unfortunately, I did not manage to enroll in RC, but I found errors:
My Router: Turris Omnia
Target: mvebu (Marvell Armanda XP/370)

1. problem - little seriousness, I will fix myself.
This warning is displayed cyclically, and the PPPoE connection is performed for a longer time and sometimes not at all:

Code: Select all

Fri Feb 15 23:05:18 2019 daemon.notice netifd: Interface 'wan' is now down
Fri Feb 15 23:05:18 2019 kern.info kernel: [  241.157867] mvneta f1034000.ethernet eth2: Link is Down
Fri Feb 15 23:05:18 2019 kern.info kernel: [  241.171216] IPv6: ADDRCONF(NETDEV_UP): eth2: link is not ready
Fri Feb 15 23:05:18 2019 daemon.notice netifd: Interface 'wan' is disabled
Fri Feb 15 23:05:18 2019 kern.info kernel: [  241.273433] mvneta f1034000.ethernet eth2: PHY [f1072004.mdio-mii:01] driver [Marvell 88E1510]
Fri Feb 15 23:05:18 2019 kern.info kernel: [  241.283507] mvneta f1034000.ethernet eth2: configuring for phy/sgmii link mode
Fri Feb 15 23:05:18 2019 kern.info kernel: [  241.290862] mvneta f1034000.ethernet eth2: Link is Up - 1Gbps/Full - flow control rx/tx
Fri Feb 15 23:05:18 2019 daemon.notice netifd: Interface 'wan' is enabled
Fri Feb 15 23:05:18 2019 daemon.notice netifd: Interface 'wan' is setting up now
Fri Feb 15 23:05:18 2019 daemon.err insmod: module is already loaded - slhc
Fri Feb 15 23:05:18 2019 daemon.err insmod: module is already loaded - ppp_generic
Fri Feb 15 23:05:18 2019 daemon.err insmod: module is already loaded - pppox
Fri Feb 15 23:05:18 2019 daemon.err insmod: module is already loaded - pppoe
Fri Feb 15 23:05:18 2019 daemon.info pppd[19938]: Plugin rp-pppoe.so loaded.
Fri Feb 15 23:05:18 2019 daemon.info pppd[19938]: RP-PPPoE plugin version 3.8p compiled against pppd 2.4.7
Fri Feb 15 23:05:18 2019 daemon.notice pppd[19938]: pppd 2.4.7 started by root, uid 0
Fri Feb 15 23:05:19 2019 daemon.notice netifd: Network device 'eth2' link is down
Fri Feb 15 23:05:19 2019 daemon.notice netifd: Interface 'wan' has link connectivity loss
Fri Feb 15 23:05:19 2019 kern.info kernel: [  242.406146] mvneta f1034000.ethernet eth2: Link is Down
Fri Feb 15 23:05:21 2019 daemon.notice netifd: Network device 'eth2' link is up
Fri Feb 15 23:05:21 2019 daemon.notice netifd: Interface 'wan' has link connectivity
Fri Feb 15 23:05:21 2019 daemon.notice netifd: Interface 'wan' is setting up now
Fri Feb 15 23:05:21 2019 kern.info kernel: [  244.483007] mvneta f1034000.ethernet eth2: Link is Up - 1Gbps/Full - flow control rx/tx
Fri Feb 15 23:05:23 2019 daemon.info pppd[19938]: PPP session is 718
Fri Feb 15 23:05:23 2019 daemon.warn pppd[19938]: Connected to xx:xx:xx:xx:xx:xx via interface eth2
Fri Feb 15 23:05:23 2019 kern.info kernel: [  246.486253] pppoe-wan: renamed from ppp0
Fri Feb 15 23:05:23 2019 daemon.info pppd[19938]: Using interface pppoe-wan
Fri Feb 15 23:05:23 2019 daemon.notice pppd[19938]: Connect: pppoe-wan <--> eth2
Fri Feb 15 23:05:23 2019 daemon.info pppd[19938]: Terminating on signal 15
Fri Feb 15 23:05:23 2019 daemon.notice pppd[19938]: Connection terminated.
Fri Feb 15 23:05:23 2019 daemon.info pppd[19938]: Sent PADT
Fri Feb 15 23:05:23 2019 daemon.info pppd[19938]: Exit.

After a long search, I found out that when I delete the /etc/ppp/if-up.d/modemaccess.sh file, everything is fine and the router connects for the first time. The remote PPPoE server is no xDSL modem.

2. problem - great severity:
When the router is restarted, sometimes NAT does not start and the Internet does not go, even if everything looks good, a new reboot is needed to fix it. Note also that redirect has errors but is working.

Code: Select all

root@TurrisOmnia:~# /etc/init.d/firewall restart
Warning: Section 'redirect_enabled_number_0' has no target specified, defaulting to DNAT
Warning: Section 'redirect_enabled_number_1' has no target specified, defaulting to DNAT
Warning: Section 'redirect_enabled_number_2' has no target specified, defaulting to DNAT
Warning: Section 'redirect_enabled_number_3' has no target specified, defaulting to DNAT
Warning: Section 'redirect_enabled_number_4' has no target specified, defaulting to DNAT
Warning: Section 'redirect_enabled_number_5' has no target specified, defaulting to DNAT
Warning: Section 'redirect_enabled_number_6' has no target specified, defaulting to DNAT
 * Flushing IPv4 filter table
 * Flushing IPv4 mangle table
 * Flushing IPv6 filter table
 * Flushing IPv6 mangle table
 * Flushing conntrack table ...
 * Populating IPv4 filter table
   * Rule 'Allow-DHCP-Renew'
   * Rule 'Allow-Ping'
   * Rule 'Allow-IGMP'
   * Rule 'Allow-IPSec-ESP'
   * Rule 'Allow-ISAKMP'
   * Redirect 'www'
   * Redirect 'OpenVPN'
   * Redirect 'Web'
   * Redirect 'SMTP 25'
   * Redirect 'SMTP 30'
   * Redirect 'IMAP4'
   * Redirect 'iLO'
   * Forward 'lan' -> 'wan'
   * Zone 'lan'
   * Zone 'wan'
 * Populating IPv4 mangle table
   * Zone 'lan'
   * Zone 'wan'
 * Populating IPv6 filter table
   * Rule 'Allow-DHCPv6'
   * Rule 'Allow-MLD'
   * Rule 'Allow-ICMPv6-Input'
   * Rule 'Allow-ICMPv6-Forward'
   * Rule 'Allow-IPSec-ESP'
   * Rule 'Allow-ISAKMP'
   * Forward 'lan' -> 'wan'
   * Zone 'lan'
   * Zone 'wan'
 * Populating IPv6 mangle table
   * Zone 'lan'
   * Zone 'wan'
 * Set tcp_ecn to off
 * Set tcp_syncookies to on
 * Set tcp_window_scaling to on
 * Running script '/etc/firewall.user'
 * Running script '/usr/lib/gargoyle_firewall_util/gargoyle_additions.firewall'
iptables v1.6.2: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
udhcpc: started, v1.28.4
udhcpc: sending discover
udhcpc: sending discover
udhcpc: sending discover
udhcpc: no lease, failing
 * Running script '/usr/share/miniupnpd/firewall.include'
iptables v1.6.2: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.6.2: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.6.2: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
 * Running script '/etc/openvpn.firewall'
 * Running script '/etc/tor.firewall'
root@TurrisOmnia:~#


3. problem - great severity
The IP address range does not work (/etc/config/firewall) works with only one IP:
Does not work:

Code: Select all

config restriction_rule 'rule_1'
   option is_ingress '0'
   option description 'Block-SMTP25'
   option not_local_addr '192.168.1.1-192.168.1.2'
   option remote_port '25'
   option proto 'both'
   option enabled '1'

Works:

Code: Select all

config restriction_rule 'rule_1'
   option is_ingress '0'
   option description 'Block-SMTP25'
   option not_local_addr '192.168.1.2'
   option remote_port '25'
   option proto 'both'
   option enabled '1'


4. problem - little seriousness, I will fix myself.
When backing up the configuration, it does not back up everything and skips the rules defined in /etc/sysupgrade.conf

5. Cosmetic defect - little seriousness, I will fix myself.
I reviewed the plugin (/etc/opkg.conf):

Code: Select all

src/gz openwrt_18.06-snapshot_base http://downloads.openwrt.org/releases/18.06-SNAPSHOT/packages/arm_cortex-a9_vfpv3/base
src/gz openwrt_18.06-snapshot_luci http://downloads.openwrt.org/releases/18.06-SNAPSHOT/packages/arm_cortex-a9_vfpv3/luci
src/gz openwrt_18.06-snapshot_packages http://downloads.openwrt.org/releases/18.06-SNAPSHOT/packages/arm_cortex-a9_vfpv3/packages
src/gz openwrt_18.06-snapshot_routing http://downloads.openwrt.org/releases/18.06-SNAPSHOT/packages/arm_cortex-a9_vfpv3/routing
src/gz openwrt_18.06-snapshot_telephony http://downloads.openwrt.org/releases/18.06-SNAPSHOT/packages/arm_cortex-a9_vfpv3/telephony

src/gz openwrt_18.06-snapshot_targets http://downloads.openwrt.org/releases/18.06-SNAPSHOT/targets/mvebu/cortexa9/packages

src/gz gargoyle http://www.gargoyle-router.com/packages/gargoyle-1.11.0/mvebu/default
src/gz gargoyle_kernel_specific http://www.gargoyle-router.com/packages/gargoyle-1.11.0/mvebu/default_kernelspecific

dest root /
dest ram /tmp
dest plugin_root /plugin_root
lists_dir ext /var/opkg-lists
option overlay_root /overlay



Im sorry for the long text, and thank you in advance for any repairs.
Last edited by RomanHK on Fri Feb 22, 2019 11:00 am, edited 2 times in total.
Turris Omnia with Gargoyle 1.11.x
Linksys WRT3200ACM with Gargoyle 1.11.x
TL-WR1043ND v2 with Gargoyle 1.10.0

Lantis
Moderator
Posts: 5051
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Gargoyle 1.11.0 Release Candidate 5

Postby Lantis » Thu Feb 21, 2019 10:19 pm

I don’t have a device, and you tested it for me and told me it was ok. If it is not ok, I will drop support in future builds.
I’m not going to be able to fix a lot of your complaints remotely.
You may need to investigate them yourself.

I will check 3 and 4.
I don’t understand your complaint for 5.
Routers: Various ar71xx/mvebu/x86-64
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases

User avatar
RomanHK
Posts: 372
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: Gargoyle 1.11.0 Release Candidate 5

Postby RomanHK » Fri Feb 22, 2019 3:04 am

Oh, this is probably a mistake.
I clearly wrote that it looks good right after Flash, but I need time for more tests and stability tests.
RomanHK wrote:Now I will test stability - it will take a while.


These errors do not immediately occur, so I can not immediately predict whether O.K.

On point 5, which I have already written, there is a need to revise:
RomanHK wrote:Currently, you need to edit (add) Plugin Sources:
http://downloads.openwrt.org/releases/1 ... 9/packages = important for opkg
http://lantisproject.com/gargoyle_custo ... ia/default = temporary route for RC (custom)
http://lantisproject.com/gargoyle_custo ... elspecific = temporary route for RC (custom)
openwrt_18.06-snapshot = I have to warn that content is changing.


These are "cosmetic defects" and have no effect on router running, these resources are only used when installing the package over opkg.

line 2: (openwrt_18.06-snapshot_management) The source does not exist.
Added row for other packages, as they are together.

You can test bugs in the original by typing: opkg install squid

EDIT1: If you want to do some tests (Input/Output), please write about them, I'd like to help you if I can.

EDIT2: I have yet to move the list of bugs here to the RC so that I do not spoil the reputation of Gargoyle.

But if there is a mistake on my part, I'm deeply sorry, but I need time for the tests.
Turris Omnia with Gargoyle 1.11.x
Linksys WRT3200ACM with Gargoyle 1.11.x
TL-WR1043ND v2 with Gargoyle 1.10.0

User avatar
RomanHK
Posts: 372
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: Gargoyle 1.11.0 Release Candidate 5

Postby RomanHK » Sat Feb 23, 2019 8:59 am

@Lantis - can you help me please? or have you broken a stick already?
I can solve all other problems locally, but I will not go with the NAT table.
So far, I had an OpenWrt router and it went great - the number of times I have restarted, so many times I have joined without problems.
In Gargoyle, after the third (or fifth) restart, the NAT does not work and it will be repaired by restarting the router and sometimes after the next.

Commands in working state:

Code: Select all

BusyBox v1.28.4 () built-in shell (ash)

------------------------------------------------------------------
|            _____                             _                 |
|           |  __ \                           | |                |
|           | |  \/ __ _ _ __ __ _  ___  _   _| | ___            |
|           | | __ / _` | '__/ _` |/ _ \| | | | |/ _ \           |
|           | |_\ \ (_| | | | (_| | (_) | |_| | |  __/           |
|            \____/\__,_|_|  \__, |\___/ \__, |_|\___|           |
|                             __/ |       __/ |                  |
|                            |___/       |___/                   |
|                                                                |
|----------------------------------------------------------------|
| Gargoyle version 1.11.0   | OpenWrt 18.06 branch               |
| Gargoyle revision 2145d423| OpenWrt commit 62feabe             |
| Built February 19, 2019   | Target  mvebu/turris               |
------------------------------------------------------------------
root@TurrisOmnia:~# iptables -t nat -A POSTROUTING -s 192.168.1.1/24 -o eth0 -j MASQUERADE
root@TurrisOmnia:~#

root@TurrisOmnia:~# insmod iptable_nat
module is already loaded - iptable_nat
root@TurrisOmnia:~#

root@TurrisOmnia:~# modprobe ip_tables
ip_tables is already loaded
root@TurrisOmnia:~#

root@TurrisOmnia:~# lsmod | grep iptable
ip_tables              20480  4 iptable_nat,iptable_mangle,iptable_filter
iptable_filter         16384  1
iptable_mangle         16384  1
iptable_nat            16384  1
nf_nat_ipv4            16384  2 iptable_nat,nft_chain_nat_ipv4
x_tables               20480 75 ipt_REJECT,ipt_MASQUERADE,xt_time,xt_tcpudp,xt_tcpmss,xt_string,xt_statistic,xt_state,xt_recent,xt_quota,xt_pkttype,xt_owner,xt_nat,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_hl,xt_helper,xt_ecn,xt_dscp,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_comment,xt_bpf,xt_addrtype,xt_TCPMSS,xt_REDIRECT,xt_NETMAP,xt_LOG,xt_HL,xt_DSCP,xt_CLASSIFY,iptable_mangle,iptable_filter,ipt_ECN,ip_tables,ebtables,ebt_vlan,ebt_stp,ebt_snat,ebt_redirect,ebt_pkttype,ebt_mark_m,ebt_mark,ebt_limit,ebt_ip,ebt_dnat,ebt_arpreply,ebt_arp,ebt_among,ebt_802_3,act_ipt,xt_set,xt_IMQ,ipt_weburl,ipt_webmon,ipt_timerange,ipt_bandwidth,ip6t_rt,ip6t_frag,ip6t_hbh,ip6t_eui64,ip6t_mh,ip6t_ah,ip6t_ipv6header,ip6t_REJECT,ip6table_mangle,ip6table_filter,ip6_tables
root@TurrisOmnia:~#

root@TurrisOmnia:~# cat /proc/net/ip_tables_names
nat
mangle
filter
root@TurrisOmnia:~#

root@TurrisOmnia:~# modinfo iptable_nat
module:         /lib/modules/4.14.99/iptable_nat.ko
license:        GPL
depends:        ip_tables,nf_nat_ipv4
root@TurrisOmnia:~#

root@TurrisOmnia:~# lsmod | grep _nat
ebtable_nat            16384  0
ebtables               24576  3 ebtable_nat,ebtable_filter,ebtable_broute
ip_tables              20480  4 iptable_nat,iptable_mangle,iptable_filter
iptable_nat            16384  1
nf_conntrack           69632 42 nf_nat_pptp,nf_conntrack_pptp,nf_conntrack_ipv6, ipt_MASQUERADE,xt_state,xt_nat,xt_helper,xt_conntrack,xt_connmark,xt_connlimit,x t_connlabel,xt_connbytes,xt_REDIRECT,xt_NETMAP,nft_redir_ipv4,nft_redir,nft_nat, nft_masq_ipv4,nft_masq,nft_ct,nf_nat_tftp,nf_nat_snmp_basic,nf_nat_sip,nf_nat_ma squerade_ipv4,nf_nat_irc,nf_conntrack_ipv4,nf_nat_ipv4,nf_nat_h323,nf_nat_ftp,nf _nat_amanda,nf_nat,nf_conntrack_tftp,nf_conntrack_snmp,nf_conntrack_sip,nf_connt rack_rtcache,nf_conntrack_proto_gre,nf_conntrack_netlink,nf_conntrack_irc,nf_con ntrack_h323,nf_conntrack_ftp,nf_conntrack_broadcast,nf_conntrack_amanda
nf_conntrack_amanda    16384  1 nf_nat_amanda
nf_conntrack_ftp       16384  1 nf_nat_ftp
nf_conntrack_h323      45056  1 nf_nat_h323
nf_conntrack_irc       16384  1 nf_nat_irc
nf_conntrack_pptp      16384  1 nf_nat_pptp
nf_conntrack_sip       24576  1 nf_nat_sip
nf_conntrack_snmp      16384  1 nf_nat_snmp_basic
nf_conntrack_tftp      16384  1 nf_nat_tftp
nf_nat                 24576 14 nf_nat_pptp,xt_nat,xt_NETMAP,nft_nat,nf_nat_tftp ,nf_nat_sip,nf_nat_redirect,nf_nat_proto_gre,nf_nat_masquerade_ipv4,nf_nat_irc,n f_nat_ipv4,nf_nat_h323,nf_nat_ftp,nf_nat_amanda
nf_nat_amanda          16384  0
nf_nat_ftp             16384  0
nf_nat_h323            16384  0
nf_nat_ipv4            16384  2 iptable_nat,nft_chain_nat_ipv4
nf_nat_irc             16384  0
nf_nat_masquerade_ipv4   16384  2 ipt_MASQUERADE,nft_masq_ipv4
nf_nat_pptp            16384  0
nf_nat_proto_gre       16384  1 nf_nat_pptp
nf_nat_redirect        16384  2 xt_REDIRECT,nft_redir_ipv4
nf_nat_sip             20480  0
nf_nat_snmp_basic      20480  0
nf_nat_tftp            16384  0
nf_tables              77824 25 nft_set_rbtree,nft_set_hash,nft_reject_ipv6,nft_ reject_ipv4,nft_reject_inet,nft_reject,nft_redir_ipv4,nft_redir,nft_quota,nft_nu mgen,nft_nat,nft_meta,nft_masq_ipv4,nft_masq,nft_log,nft_limit,nft_exthdr,nft_ct ,nft_counter,nft_chain_route_ipv6,nft_chain_route_ipv4,nft_chain_nat_ipv4,nf_tab les_ipv6,nf_tables_ipv4,nf_tables_inet
nft_chain_nat_ipv4     16384  0
nft_nat                16384  0
x_tables               20480 75 ipt_REJECT,ipt_MASQUERADE,xt_time,xt_tcpudp,xt_t cpmss,xt_string,xt_statistic,xt_state,xt_recent,xt_quota,xt_pkttype,xt_owner,xt_ nat,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_hl,xt_helper,xt _ecn,xt_dscp,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_ comment,xt_bpf,xt_addrtype,xt_TCPMSS,xt_REDIRECT,xt_NETMAP,xt_LOG,xt_HL,xt_DSCP, xt_CLASSIFY,iptable_mangle,iptable_filter,ipt_ECN,ip_tables,ebtables,ebt_vlan,eb t_stp,ebt_snat,ebt_redirect,ebt_pkttype,ebt_mark_m,ebt_mark,ebt_limit,ebt_ip,ebt _dnat,ebt_arpreply,ebt_arp,ebt_among,ebt_802_3,act_ipt,xt_set,xt_IMQ,ipt_weburl, ipt_webmon,ipt_timerange,ipt_bandwidth,ip6t_rt,ip6t_frag,ip6t_hbh,ip6t_eui64,ip6 t_mh,ip6t_ah,ip6t_ipv6header,ip6t_REJECT,ip6table_mangle,ip6table_filter,ip6_tab les
xt_nat                 16384 26
root@TurrisOmnia:~#


Commands in non-working state:

Code: Select all

BusyBox v1.28.4 () built-in shell (ash)

------------------------------------------------------------------
|            _____                             _                 |
|           |  __ \                           | |                |
|           | |  \/ __ _ _ __ __ _  ___  _   _| | ___            |
|           | | __ / _` | '__/ _` |/ _ \| | | | |/ _ \           |
|           | |_\ \ (_| | | | (_| | (_) | |_| | |  __/           |
|            \____/\__,_|_|  \__, |\___/ \__, |_|\___|           |
|                             __/ |       __/ |                  |
|                            |___/       |___/                   |
|                                                                |
|----------------------------------------------------------------|
| Gargoyle version 1.11.0   | OpenWrt 18.06 branch               |
| Gargoyle revision 2145d423| OpenWrt commit 62feabe             |
| Built February 19, 2019   | Target  mvebu/turris               |
------------------------------------------------------------------
root@TurrisOmnia:~# iptables -t nat -A POSTROUTING -s 192.168.1.1/24 -o eth0 -j MASQUERADE
iptables v1.6.2: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
root@TurrisOmnia:~#

root@TurrisOmnia:~# insmod iptable_nat
root@TurrisOmnia:~#

root@TurrisOmnia:~# modprobe ip_tables
ip_tables is already loaded
root@TurrisOmnia:~#

root@TurrisOmnia:~# lsmod | grep iptable
ip_tables              20480  3 iptable_mangle,iptable_filter
iptable_filter         16384  1
iptable_mangle         16384  1
x_tables               20480 75 ipt_REJECT,ipt_MASQUERADE,xt_time,xt_tcpudp,xt_tcpmss,xt_string,xt_statistic,xt_state,xt_recent,xt_quota,xt_pkttype,xt_owner,xt_nat,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_hl,xt_helper,xt_ecn,xt_dscp,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_comment,xt_bpf,xt_addrtype,xt_TCPMSS,xt_REDIRECT,xt_NETMAP,xt_LOG,xt_HL,xt_DSCP,xt_CLASSIFY,iptable_mangle,iptable_filter,ipt_ECN,ip_tables,ebtables,ebt_vlan,ebt_stp,ebt_snat,ebt_redirect,ebt_pkttype,ebt_mark_m,ebt_mark,ebt_limit,ebt_ip,ebt_dnat,ebt_arpreply,ebt_arp,ebt_among,ebt_802_3,act_ipt,xt_set,xt_IMQ,ipt_weburl,ipt_webmon,ipt_timerange,ipt_bandwidth,ip6t_rt,ip6t_frag,ip6t_hbh,ip6t_eui64,ip6t_mh,ip6t_ah,ip6t_ipv6header,ip6t_REJECT,ip6table_mangle,ip6table_filter,ip6_tables
root@TurrisOmnia:~#

root@TurrisOmnia:~# cat /proc/net/ip_tables_names
mangle
filter
root@TurrisOmnia:~#

root@TurrisOmnia:~# modinfo iptable_nat
module:         /lib/modules/4.14.99/iptable_nat.ko
license:        GPL
depends:        ip_tables,nf_nat_ipv4
root@TurrisOmnia:~#

root@TurrisOmnia:~# lsmod | grep _nat
ebtable_nat            16384  0
ebtables               24576  3 ebtable_nat,ebtable_filter,ebtable_broute
nf_conntrack           69632 42 nf_nat_pptp,nf_conntrack_pptp,nf_conntrack_ipv6,ipt_MASQUERADE,xt_state,xt_nat,xt_helper,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_REDIRECT,xt_NETMAP,nft_redir_ipv4,nft_redir,nft_nat,nft_masq_ipv4,nft_masq,nft_ct,nf_nat_tftp,nf_nat_snmp_basic,nf_nat_sip,nf_nat_masquerade_ipv4,nf_nat_irc,nf_conntrack_ipv4,nf_nat_ipv4,nf_nat_h323,nf_nat_ftp,nf_nat_amanda,nf_nat,nf_conntrack_tftp,nf_conntrack_snmp,nf_conntrack_sip,nf_conntrack_rtcache,nf_conntrack_proto_gre,nf_conntrack_netlink,nf_conntrack_irc,nf_conntrack_h323,nf_conntrack_ftp,nf_conntrack_broadcast,nf_conntrack_amanda
nf_conntrack_amanda    16384  1 nf_nat_amanda
nf_conntrack_ftp       16384  1 nf_nat_ftp
nf_conntrack_h323      45056  1 nf_nat_h323
nf_conntrack_irc       16384  1 nf_nat_irc
nf_conntrack_pptp      16384  1 nf_nat_pptp
nf_conntrack_sip       24576  1 nf_nat_sip
nf_conntrack_snmp      16384  1 nf_nat_snmp_basic
nf_conntrack_tftp      16384  1 nf_nat_tftp
nf_nat                 24576 14 nf_nat_pptp,xt_nat,xt_NETMAP,nft_nat,nf_nat_tftp,nf_nat_sip,nf_nat_redirect,nf_nat_proto_gre,nf_nat_masquerade_ipv4,nf_nat_irc,nf_nat_ipv4,nf_nat_h323,nf_nat_ftp,nf_nat_amanda
nf_nat_amanda          16384  0
nf_nat_ftp             16384  0
nf_nat_h323            16384  0
nf_nat_ipv4            16384  1 nft_chain_nat_ipv4
nf_nat_irc             16384  0
nf_nat_masquerade_ipv4   16384  2 ipt_MASQUERADE,nft_masq_ipv4
nf_nat_pptp            16384  0
nf_nat_proto_gre       16384  1 nf_nat_pptp
nf_nat_redirect        16384  2 xt_REDIRECT,nft_redir_ipv4
nf_nat_sip             20480  0
nf_nat_snmp_basic      20480  0
nf_nat_tftp            16384  0
nf_tables              77824 25 nft_set_rbtree,nft_set_hash,nft_reject_ipv6,nft_reject_ipv4,nft_reject_inet,nft_reject,nft_redir_ipv4,nft_redir,nft_quota,nft_numgen,nft_nat,nft_meta,nft_masq_ipv4,nft_masq,nft_log,nft_limit,nft_exthdr,nft_ct,nft_counter,nft_chain_route_ipv6,nft_chain_route_ipv4,nft_chain_nat_ipv4,nf_tables_ipv6,nf_tables_ipv4,nf_tables_inet
nft_chain_nat_ipv4     16384  0
nft_nat                16384  0
x_tables               20480 75 ipt_REJECT,ipt_MASQUERADE,xt_time,xt_tcpudp,xt_tcpmss,xt_string,xt_statistic,xt_state,xt_recent,xt_quota,xt_pkttype,xt_owner,xt_nat,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_hl,xt_helper,xt_ecn,xt_dscp,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_comment,xt_bpf,xt_addrtype,xt_TCPMSS,xt_REDIRECT,xt_NETMAP,xt_LOG,xt_HL,xt_DSCP,xt_CLASSIFY,iptable_mangle,iptable_filter,ipt_ECN,ip_tables,ebtables,ebt_vlan,ebt_stp,ebt_snat,ebt_redirect,ebt_pkttype,ebt_mark_m,ebt_mark,ebt_limit,ebt_ip,ebt_dnat,ebt_arpreply,ebt_arp,ebt_among,ebt_802_3,act_ipt,xt_set,xt_IMQ,ipt_weburl,ipt_webmon,ipt_timerange,ipt_bandwidth,ip6t_rt,ip6t_frag,ip6t_hbh,ip6t_eui64,ip6t_mh,ip6t_ah,ip6t_ipv6header,ip6t_REJECT,ip6table_mangle,ip6table_filter,ip6_tables
xt_nat                 16384  0
root@TurrisOmnia:~#
Turris Omnia with Gargoyle 1.11.x
Linksys WRT3200ACM with Gargoyle 1.11.x
TL-WR1043ND v2 with Gargoyle 1.10.0

qzzipc
Posts: 7
Joined: Tue Feb 19, 2019 1:18 pm

Re: Gargoyle 1.11.0 Release Candidate 5

Postby qzzipc » Sat Feb 23, 2019 12:06 pm

RomanHK wrote:
qzzipc wrote:I'm upgrade my TP-Link TL-WR1043N/ND v1 from 1.10 to 1.11 for the first time and i'm not very happy about the adblock plugin.

You will probably have no memory (V1 only has 32MB of RAM!)
The blocklist increases every day. On Adware + Malware you need a lot of RAM space (I myself had problems already in V2 version (64MB RAM). I add that they are already using HTTPS and need to use SSL (or the uclient-fetch + edit wget source library) you will not have room in Flash memory again.

I currently own another router (1GB RAM) and here I have adblock Adware + Malware + my own OpenWrt adblock filters and I'm very satisfied.

I use Adblock from OpenWrt in version 3.5.5.3 (http://downloads.openwrt. org/releases/18.06-SNAPSHOT/packages/mipsel_24kc/packages/adblock_3.5.5-3_all.ipk) - configuration is done in LuCI, on Gargoyle is just for the experienced.

EDIT: If you can change hosts, try changing the row in runadblock. sh as follows:

Code: Select all

wget -qO- --no-check-certificate "https://github. com/StevenBlack/hosts/raw/master/hosts" | awk -v r="$ENDPOINT_IP4" '{sub(/^0.0.0.0/, r)} $0 ~ "^"r' > /tmp/block.build.list

It may help you.


--no-check-certificate is nice! :D Now i use the someonewhocares hosts file without any problems, i love it more then MVPS hosts. Or do you know a better hosts file? I can only add one hosts file url and lower then between 15.000 - 20.000 lines.


Return to “Show / Tell / Contribute”

Who is online

Users browsing this forum: Google [Bot] and 6 guests