Page 2 of 3

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Wed Apr 24, 2019 5:00 am
by RomanHK
ektus wrote: I want to prevent 192.168.0.13 from having any internet access (except DNS and NTP, if I can't redirect the latter to my local time server).
If you want IP 192.168.0.13 to only have access to DNS and NTP, the rule should look like this:
Image

The firewall works well, but it's an OpenWrt firewall.

:idea: I'll give you the type. The router itself acts as an NTP server, just enter the router's IP address into the client.

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Wed Apr 24, 2019 7:00 am
by ektus
RomanHK wrote:
ektus wrote: I want to prevent 192.168.0.13 from having any internet access (except DNS and NTP, if I can't redirect the latter to my local time server).
If you want IP 192.168.0.13 to only have access to DNS and NTP, the rule should look like this:
Image

The firewall works well, but it's an OpenWrt firewall.
I've yet to understand how the values are evaluated. If I say "no host", will the other rules do anything? Or should it be "any host" AND "port=52,123"?

In other words: Have all of the rules to be met to gain access, or has just one rule to be met?
RomanHK wrote: :idea: I'll give you the type. The router itself acts as an NTP server, just enter the router's IP address into the client.
I'd like to, but this client (and at least two or three others, different ones) doesn't offer much in ways of configurability. I do have a local time server (some NAS) running anyway. But that doesn't help with clients that have external time servers hard-coded. So I could either just let that traffic through, or would have to dig deeper into firewall and routing to redirect it to the internal server.

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Wed Apr 24, 2019 10:29 am
by RomanHK
ektus wrote: In other words: Have all of the rules to be met to gain access, or has just one rule to be met?
Just one rule is enough - the rest is like default.
ektus wrote: I'd like to, but this client (and at least two or three others, different ones) doesn't offer much in ways of configurability. I do have a local time server (some NAS) running anyway. But that doesn't help with clients that have external time servers hard-coded. So I could either just let that traffic through, or would have to dig deeper into firewall and routing to redirect it to the internal server.
Yes, I understand it.

P.S. Beware of a typo. No port 52 but port 53 for DNS and port 123 for NTP.

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Thu Apr 25, 2019 9:34 am
by Lantis
ektus wrote:In language manager, when a second language is installed, the default language (english) can be selected, but the name isn't displayed in the list.
I've fixed this for future versions here: https://github.com/ericpaulbishop/gargo ... 00a333bbab
I had actually tried to fix this a while ago but must not have done a good job the first time. It looks like it works a little better now.

This will also improve the way the plugins page looks too (similar issue).

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Thu Apr 25, 2019 9:37 pm
by CBx86
Will try @WNDR4300. :D

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Fri Apr 26, 2019 3:15 pm
by CBx86
Working good!

Only one thing, i get amber light on wan port.

Maybe the modem port is´t gigabit.

Image

Edit:
Tested many direct cables. (I dont have any cross cable, i will make a new one.)
Tested a new modem, i m sure its have gigabit port.
Still Amber.

Edit2: Suspect DHCP.

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Fri Apr 26, 2019 6:57 pm
by CBx86
This version of gargoyle is based on Openwrt 18.06.0,
18.06.0-rc1,18.06.0-rc2,18.06.1 or 18.06.2?

Many thanks!

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Fri Apr 26, 2019 7:51 pm
by RomanHK
CBx86 wrote:This version of gargoyle is based on Openwrt 18.06.0,
18.06.0-rc1,18.06.0-rc2,18.06.1 or 18.06.2?

Many thanks!
Neither of these. This is the 18.06-SNAPSHOT version: http://downloads.openwrt.org/releases/18.06-SNAPSHOT/
It is a moving changing version derived from the development version - at least it seems to me.

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Fri Apr 26, 2019 8:02 pm
by CBx86
Nice! Fron snap.

Many thanks!

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Posted: Fri Apr 26, 2019 8:13 pm
by RomanHK
CBx86 wrote: Tested a new modem, i m sure its have gigabit port.
Still Amber.

Edit2: Suspect DHCP.
Try not to use the backup. If the status is the same, look at the other end of the cable or try downgrade.