1.11.0.x gargoyle-ispy 2019-April-13 21

Want to share your OpenWrt / Gargoyle knowledge? Implemented a new feature? Let us know here.

Moderator: Moderators

RomanHK
Posts: 470
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby RomanHK » Wed Apr 24, 2019 5:00 am

ektus wrote:I want to prevent 192.168.0.13 from having any internet access (except DNS and NTP, if I can't redirect the latter to my local time server).

If you want IP 192.168.0.13 to only have access to DNS and NTP, the rule should look like this:
Image

The firewall works well, but it's an OpenWrt firewall.

:idea: I'll give you the type. The router itself acts as an NTP server, just enter the router's IP address into the client.
Turris Omnia with Gargoyle 1.12.0
Linksys WRT3200ACM with Gargoyle 1.12.0
TL-WR1043ND v2 with Gargoyle 1.10.0

ektus
Posts: 168
Joined: Sun Aug 11, 2013 2:26 am
Location: Germany

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby ektus » Wed Apr 24, 2019 7:00 am

RomanHK wrote:
ektus wrote:I want to prevent 192.168.0.13 from having any internet access (except DNS and NTP, if I can't redirect the latter to my local time server).

If you want IP 192.168.0.13 to only have access to DNS and NTP, the rule should look like this:
Image

The firewall works well, but it's an OpenWrt firewall.

I've yet to understand how the values are evaluated. If I say "no host", will the other rules do anything? Or should it be "any host" AND "port=52,123"?

In other words: Have all of the rules to be met to gain access, or has just one rule to be met?

RomanHK wrote: :idea: I'll give you the type. The router itself acts as an NTP server, just enter the router's IP address into the client.

I'd like to, but this client (and at least two or three others, different ones) doesn't offer much in ways of configurability. I do have a local time server (some NAS) running anyway. But that doesn't help with clients that have external time servers hard-coded. So I could either just let that traffic through, or would have to dig deeper into firewall and routing to redirect it to the internal server.

RomanHK
Posts: 470
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby RomanHK » Wed Apr 24, 2019 10:29 am

ektus wrote:In other words: Have all of the rules to be met to gain access, or has just one rule to be met?

Just one rule is enough - the rest is like default.

ektus wrote:I'd like to, but this client (and at least two or three others, different ones) doesn't offer much in ways of configurability. I do have a local time server (some NAS) running anyway. But that doesn't help with clients that have external time servers hard-coded. So I could either just let that traffic through, or would have to dig deeper into firewall and routing to redirect it to the internal server.

Yes, I understand it.

P.S. Beware of a typo. No port 52 but port 53 for DNS and port 123 for NTP.
Turris Omnia with Gargoyle 1.12.0
Linksys WRT3200ACM with Gargoyle 1.12.0
TL-WR1043ND v2 with Gargoyle 1.10.0

Lantis
Moderator
Posts: 5187
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby Lantis » Thu Apr 25, 2019 9:34 am

ektus wrote:In language manager, when a second language is installed, the default language (english) can be selected, but the name isn't displayed in the list.


I've fixed this for future versions here: https://github.com/ericpaulbishop/gargo ... 00a333bbab
I had actually tried to fix this a while ago but must not have done a good job the first time. It looks like it works a little better now.

This will also improve the way the plugins page looks too (similar issue).
Routers: Various ar71xx/mvebu/x86-64
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases

User avatar
CBx86
Posts: 112
Joined: Sun Jan 05, 2014 5:43 pm
Location: Brazil

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby CBx86 » Thu Apr 25, 2019 9:37 pm

Will try @WNDR4300. :D

User avatar
CBx86
Posts: 112
Joined: Sun Jan 05, 2014 5:43 pm
Location: Brazil

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby CBx86 » Fri Apr 26, 2019 3:15 pm

Working good!

Only one thing, i get amber light on wan port.

Maybe the modem port is´t gigabit.

Image

Edit:
Tested many direct cables. (I dont have any cross cable, i will make a new one.)
Tested a new modem, i m sure its have gigabit port.
Still Amber.

Edit2: Suspect DHCP.

User avatar
CBx86
Posts: 112
Joined: Sun Jan 05, 2014 5:43 pm
Location: Brazil

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby CBx86 » Fri Apr 26, 2019 6:57 pm

This version of gargoyle is based on Openwrt 18.06.0,
18.06.0-rc1,18.06.0-rc2,18.06.1 or 18.06.2?

Many thanks!

RomanHK
Posts: 470
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby RomanHK » Fri Apr 26, 2019 7:51 pm

CBx86 wrote:This version of gargoyle is based on Openwrt 18.06.0,
18.06.0-rc1,18.06.0-rc2,18.06.1 or 18.06.2?

Many thanks!

Neither of these. This is the 18.06-SNAPSHOT version: http://downloads.openwrt.org/releases/18.06-SNAPSHOT/
It is a moving changing version derived from the development version - at least it seems to me.
Turris Omnia with Gargoyle 1.12.0
Linksys WRT3200ACM with Gargoyle 1.12.0
TL-WR1043ND v2 with Gargoyle 1.10.0

User avatar
CBx86
Posts: 112
Joined: Sun Jan 05, 2014 5:43 pm
Location: Brazil

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby CBx86 » Fri Apr 26, 2019 8:02 pm

Nice! Fron snap.

Many thanks!

RomanHK
Posts: 470
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Postby RomanHK » Fri Apr 26, 2019 8:13 pm

CBx86 wrote:Tested a new modem, i m sure its have gigabit port.
Still Amber.

Edit2: Suspect DHCP.

Try not to use the backup. If the status is the same, look at the other end of the cable or try downgrade.
Turris Omnia with Gargoyle 1.12.0
Linksys WRT3200ACM with Gargoyle 1.12.0
TL-WR1043ND v2 with Gargoyle 1.10.0


Return to “Show / Tell / Contribute”

Who is online

Users browsing this forum: No registered users and 3 guests