@Lantis - can you help me please? or have you broken a stick already?
I can solve all other problems locally, but I will not go with the NAT table.
So far, I had an OpenWrt router and it went great - the number of times I have restarted, so many times I have joined without problems.
In Gargoyle, after the third (or fifth) restart, the NAT does not work and it will be repaired by restarting the router and sometimes after the next.
Commands in working state:
Code: Select all
BusyBox v1.28.4 () built-in shell (ash)
------------------------------------------------------------------
| _____ _ |
| | __ \ | | |
| | | \/ __ _ _ __ __ _ ___ _ _| | ___ |
| | | __ / _` | '__/ _` |/ _ \| | | | |/ _ \ |
| | |_\ \ (_| | | | (_| | (_) | |_| | | __/ |
| \____/\__,_|_| \__, |\___/ \__, |_|\___| |
| __/ | __/ | |
| |___/ |___/ |
| |
|----------------------------------------------------------------|
| Gargoyle version 1.11.0 | OpenWrt 18.06 branch |
| Gargoyle revision 2145d423| OpenWrt commit 62feabe |
| Built February 19, 2019 | Target mvebu/turris |
------------------------------------------------------------------
root@TurrisOmnia:~# iptables -t nat -A POSTROUTING -s 192.168.1.1/24 -o eth0 -j MASQUERADE
root@TurrisOmnia:~#
root@TurrisOmnia:~# insmod iptable_nat
module is already loaded - iptable_nat
root@TurrisOmnia:~#
root@TurrisOmnia:~# modprobe ip_tables
ip_tables is already loaded
root@TurrisOmnia:~#
root@TurrisOmnia:~# lsmod | grep iptable
ip_tables 20480 4 iptable_nat,iptable_mangle,iptable_filter
iptable_filter 16384 1
iptable_mangle 16384 1
iptable_nat 16384 1
nf_nat_ipv4 16384 2 iptable_nat,nft_chain_nat_ipv4
x_tables 20480 75 ipt_REJECT,ipt_MASQUERADE,xt_time,xt_tcpudp,xt_tcpmss,xt_string,xt_statistic,xt_state,xt_recent,xt_quota,xt_pkttype,xt_owner,xt_nat,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_hl,xt_helper,xt_ecn,xt_dscp,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_comment,xt_bpf,xt_addrtype,xt_TCPMSS,xt_REDIRECT,xt_NETMAP,xt_LOG,xt_HL,xt_DSCP,xt_CLASSIFY,iptable_mangle,iptable_filter,ipt_ECN,ip_tables,ebtables,ebt_vlan,ebt_stp,ebt_snat,ebt_redirect,ebt_pkttype,ebt_mark_m,ebt_mark,ebt_limit,ebt_ip,ebt_dnat,ebt_arpreply,ebt_arp,ebt_among,ebt_802_3,act_ipt,xt_set,xt_IMQ,ipt_weburl,ipt_webmon,ipt_timerange,ipt_bandwidth,ip6t_rt,ip6t_frag,ip6t_hbh,ip6t_eui64,ip6t_mh,ip6t_ah,ip6t_ipv6header,ip6t_REJECT,ip6table_mangle,ip6table_filter,ip6_tables
root@TurrisOmnia:~#
root@TurrisOmnia:~# cat /proc/net/ip_tables_names
nat
mangle
filter
root@TurrisOmnia:~#
root@TurrisOmnia:~# modinfo iptable_nat
module: /lib/modules/4.14.99/iptable_nat.ko
license: GPL
depends: ip_tables,nf_nat_ipv4
root@TurrisOmnia:~#
root@TurrisOmnia:~# lsmod | grep _nat
ebtable_nat 16384 0
ebtables 24576 3 ebtable_nat,ebtable_filter,ebtable_broute
ip_tables 20480 4 iptable_nat,iptable_mangle,iptable_filter
iptable_nat 16384 1
nf_conntrack 69632 42 nf_nat_pptp,nf_conntrack_pptp,nf_conntrack_ipv6, ipt_MASQUERADE,xt_state,xt_nat,xt_helper,xt_conntrack,xt_connmark,xt_connlimit,x t_connlabel,xt_connbytes,xt_REDIRECT,xt_NETMAP,nft_redir_ipv4,nft_redir,nft_nat, nft_masq_ipv4,nft_masq,nft_ct,nf_nat_tftp,nf_nat_snmp_basic,nf_nat_sip,nf_nat_ma squerade_ipv4,nf_nat_irc,nf_conntrack_ipv4,nf_nat_ipv4,nf_nat_h323,nf_nat_ftp,nf _nat_amanda,nf_nat,nf_conntrack_tftp,nf_conntrack_snmp,nf_conntrack_sip,nf_connt rack_rtcache,nf_conntrack_proto_gre,nf_conntrack_netlink,nf_conntrack_irc,nf_con ntrack_h323,nf_conntrack_ftp,nf_conntrack_broadcast,nf_conntrack_amanda
nf_conntrack_amanda 16384 1 nf_nat_amanda
nf_conntrack_ftp 16384 1 nf_nat_ftp
nf_conntrack_h323 45056 1 nf_nat_h323
nf_conntrack_irc 16384 1 nf_nat_irc
nf_conntrack_pptp 16384 1 nf_nat_pptp
nf_conntrack_sip 24576 1 nf_nat_sip
nf_conntrack_snmp 16384 1 nf_nat_snmp_basic
nf_conntrack_tftp 16384 1 nf_nat_tftp
nf_nat 24576 14 nf_nat_pptp,xt_nat,xt_NETMAP,nft_nat,nf_nat_tftp ,nf_nat_sip,nf_nat_redirect,nf_nat_proto_gre,nf_nat_masquerade_ipv4,nf_nat_irc,n f_nat_ipv4,nf_nat_h323,nf_nat_ftp,nf_nat_amanda
nf_nat_amanda 16384 0
nf_nat_ftp 16384 0
nf_nat_h323 16384 0
nf_nat_ipv4 16384 2 iptable_nat,nft_chain_nat_ipv4
nf_nat_irc 16384 0
nf_nat_masquerade_ipv4 16384 2 ipt_MASQUERADE,nft_masq_ipv4
nf_nat_pptp 16384 0
nf_nat_proto_gre 16384 1 nf_nat_pptp
nf_nat_redirect 16384 2 xt_REDIRECT,nft_redir_ipv4
nf_nat_sip 20480 0
nf_nat_snmp_basic 20480 0
nf_nat_tftp 16384 0
nf_tables 77824 25 nft_set_rbtree,nft_set_hash,nft_reject_ipv6,nft_ reject_ipv4,nft_reject_inet,nft_reject,nft_redir_ipv4,nft_redir,nft_quota,nft_nu mgen,nft_nat,nft_meta,nft_masq_ipv4,nft_masq,nft_log,nft_limit,nft_exthdr,nft_ct ,nft_counter,nft_chain_route_ipv6,nft_chain_route_ipv4,nft_chain_nat_ipv4,nf_tab les_ipv6,nf_tables_ipv4,nf_tables_inet
nft_chain_nat_ipv4 16384 0
nft_nat 16384 0
x_tables 20480 75 ipt_REJECT,ipt_MASQUERADE,xt_time,xt_tcpudp,xt_t cpmss,xt_string,xt_statistic,xt_state,xt_recent,xt_quota,xt_pkttype,xt_owner,xt_ nat,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_hl,xt_helper,xt _ecn,xt_dscp,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_ comment,xt_bpf,xt_addrtype,xt_TCPMSS,xt_REDIRECT,xt_NETMAP,xt_LOG,xt_HL,xt_DSCP, xt_CLASSIFY,iptable_mangle,iptable_filter,ipt_ECN,ip_tables,ebtables,ebt_vlan,eb t_stp,ebt_snat,ebt_redirect,ebt_pkttype,ebt_mark_m,ebt_mark,ebt_limit,ebt_ip,ebt _dnat,ebt_arpreply,ebt_arp,ebt_among,ebt_802_3,act_ipt,xt_set,xt_IMQ,ipt_weburl, ipt_webmon,ipt_timerange,ipt_bandwidth,ip6t_rt,ip6t_frag,ip6t_hbh,ip6t_eui64,ip6 t_mh,ip6t_ah,ip6t_ipv6header,ip6t_REJECT,ip6table_mangle,ip6table_filter,ip6_tab les
xt_nat 16384 26
root@TurrisOmnia:~#
Commands in non-working state:
Code: Select all
BusyBox v1.28.4 () built-in shell (ash)
------------------------------------------------------------------
| _____ _ |
| | __ \ | | |
| | | \/ __ _ _ __ __ _ ___ _ _| | ___ |
| | | __ / _` | '__/ _` |/ _ \| | | | |/ _ \ |
| | |_\ \ (_| | | | (_| | (_) | |_| | | __/ |
| \____/\__,_|_| \__, |\___/ \__, |_|\___| |
| __/ | __/ | |
| |___/ |___/ |
| |
|----------------------------------------------------------------|
| Gargoyle version 1.11.0 | OpenWrt 18.06 branch |
| Gargoyle revision 2145d423| OpenWrt commit 62feabe |
| Built February 19, 2019 | Target mvebu/turris |
------------------------------------------------------------------
root@TurrisOmnia:~# iptables -t nat -A POSTROUTING -s 192.168.1.1/24 -o eth0 -j MASQUERADE
iptables v1.6.2: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
root@TurrisOmnia:~#
root@TurrisOmnia:~# insmod iptable_nat
root@TurrisOmnia:~#
root@TurrisOmnia:~# modprobe ip_tables
ip_tables is already loaded
root@TurrisOmnia:~#
root@TurrisOmnia:~# lsmod | grep iptable
ip_tables 20480 3 iptable_mangle,iptable_filter
iptable_filter 16384 1
iptable_mangle 16384 1
x_tables 20480 75 ipt_REJECT,ipt_MASQUERADE,xt_time,xt_tcpudp,xt_tcpmss,xt_string,xt_statistic,xt_state,xt_recent,xt_quota,xt_pkttype,xt_owner,xt_nat,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_hl,xt_helper,xt_ecn,xt_dscp,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_comment,xt_bpf,xt_addrtype,xt_TCPMSS,xt_REDIRECT,xt_NETMAP,xt_LOG,xt_HL,xt_DSCP,xt_CLASSIFY,iptable_mangle,iptable_filter,ipt_ECN,ip_tables,ebtables,ebt_vlan,ebt_stp,ebt_snat,ebt_redirect,ebt_pkttype,ebt_mark_m,ebt_mark,ebt_limit,ebt_ip,ebt_dnat,ebt_arpreply,ebt_arp,ebt_among,ebt_802_3,act_ipt,xt_set,xt_IMQ,ipt_weburl,ipt_webmon,ipt_timerange,ipt_bandwidth,ip6t_rt,ip6t_frag,ip6t_hbh,ip6t_eui64,ip6t_mh,ip6t_ah,ip6t_ipv6header,ip6t_REJECT,ip6table_mangle,ip6table_filter,ip6_tables
root@TurrisOmnia:~#
root@TurrisOmnia:~# cat /proc/net/ip_tables_names
mangle
filter
root@TurrisOmnia:~#
root@TurrisOmnia:~# modinfo iptable_nat
module: /lib/modules/4.14.99/iptable_nat.ko
license: GPL
depends: ip_tables,nf_nat_ipv4
root@TurrisOmnia:~#
root@TurrisOmnia:~# lsmod | grep _nat
ebtable_nat 16384 0
ebtables 24576 3 ebtable_nat,ebtable_filter,ebtable_broute
nf_conntrack 69632 42 nf_nat_pptp,nf_conntrack_pptp,nf_conntrack_ipv6,ipt_MASQUERADE,xt_state,xt_nat,xt_helper,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_REDIRECT,xt_NETMAP,nft_redir_ipv4,nft_redir,nft_nat,nft_masq_ipv4,nft_masq,nft_ct,nf_nat_tftp,nf_nat_snmp_basic,nf_nat_sip,nf_nat_masquerade_ipv4,nf_nat_irc,nf_conntrack_ipv4,nf_nat_ipv4,nf_nat_h323,nf_nat_ftp,nf_nat_amanda,nf_nat,nf_conntrack_tftp,nf_conntrack_snmp,nf_conntrack_sip,nf_conntrack_rtcache,nf_conntrack_proto_gre,nf_conntrack_netlink,nf_conntrack_irc,nf_conntrack_h323,nf_conntrack_ftp,nf_conntrack_broadcast,nf_conntrack_amanda
nf_conntrack_amanda 16384 1 nf_nat_amanda
nf_conntrack_ftp 16384 1 nf_nat_ftp
nf_conntrack_h323 45056 1 nf_nat_h323
nf_conntrack_irc 16384 1 nf_nat_irc
nf_conntrack_pptp 16384 1 nf_nat_pptp
nf_conntrack_sip 24576 1 nf_nat_sip
nf_conntrack_snmp 16384 1 nf_nat_snmp_basic
nf_conntrack_tftp 16384 1 nf_nat_tftp
nf_nat 24576 14 nf_nat_pptp,xt_nat,xt_NETMAP,nft_nat,nf_nat_tftp,nf_nat_sip,nf_nat_redirect,nf_nat_proto_gre,nf_nat_masquerade_ipv4,nf_nat_irc,nf_nat_ipv4,nf_nat_h323,nf_nat_ftp,nf_nat_amanda
nf_nat_amanda 16384 0
nf_nat_ftp 16384 0
nf_nat_h323 16384 0
nf_nat_ipv4 16384 1 nft_chain_nat_ipv4
nf_nat_irc 16384 0
nf_nat_masquerade_ipv4 16384 2 ipt_MASQUERADE,nft_masq_ipv4
nf_nat_pptp 16384 0
nf_nat_proto_gre 16384 1 nf_nat_pptp
nf_nat_redirect 16384 2 xt_REDIRECT,nft_redir_ipv4
nf_nat_sip 20480 0
nf_nat_snmp_basic 20480 0
nf_nat_tftp 16384 0
nf_tables 77824 25 nft_set_rbtree,nft_set_hash,nft_reject_ipv6,nft_reject_ipv4,nft_reject_inet,nft_reject,nft_redir_ipv4,nft_redir,nft_quota,nft_numgen,nft_nat,nft_meta,nft_masq_ipv4,nft_masq,nft_log,nft_limit,nft_exthdr,nft_ct,nft_counter,nft_chain_route_ipv6,nft_chain_route_ipv4,nft_chain_nat_ipv4,nf_tables_ipv6,nf_tables_ipv4,nf_tables_inet
nft_chain_nat_ipv4 16384 0
nft_nat 16384 0
x_tables 20480 75 ipt_REJECT,ipt_MASQUERADE,xt_time,xt_tcpudp,xt_tcpmss,xt_string,xt_statistic,xt_state,xt_recent,xt_quota,xt_pkttype,xt_owner,xt_nat,xt_multiport,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_hl,xt_helper,xt_ecn,xt_dscp,xt_conntrack,xt_connmark,xt_connlimit,xt_connlabel,xt_connbytes,xt_comment,xt_bpf,xt_addrtype,xt_TCPMSS,xt_REDIRECT,xt_NETMAP,xt_LOG,xt_HL,xt_DSCP,xt_CLASSIFY,iptable_mangle,iptable_filter,ipt_ECN,ip_tables,ebtables,ebt_vlan,ebt_stp,ebt_snat,ebt_redirect,ebt_pkttype,ebt_mark_m,ebt_mark,ebt_limit,ebt_ip,ebt_dnat,ebt_arpreply,ebt_arp,ebt_among,ebt_802_3,act_ipt,xt_set,xt_IMQ,ipt_weburl,ipt_webmon,ipt_timerange,ipt_bandwidth,ip6t_rt,ip6t_frag,ip6t_hbh,ip6t_eui64,ip6t_mh,ip6t_ah,ip6t_ipv6header,ip6t_REJECT,ip6table_mangle,ip6table_filter,ip6_tables
xt_nat 16384 0
root@TurrisOmnia:~#