Hey, my 1043ND V1.10 with 1.6.1 isn't accepting pings over WAN.
I dont have the "Drop Ping From WAN Side" checkbox ticked, so im not sure what the issue is.
TLWR1043ND - Not accepting WAN pings
Moderator: Moderators
Re: TLWR1043ND - Not accepting WAN pings
Code: Select all
iptables -L -n-
Sir_Undead
- Posts: 16
- Joined: Sun May 11, 2014 8:04 am
Re: TLWR1043ND - Not accepting WAN pings
n0pin wrote:Run this and post output.Code: Select all
iptables -L -n
Code: Select all
Chain INPUT (policy ACCEPT)
target prot opt source destination
bw_ingress all -- 0.0.0.0/0 0.0.0.0/0
delegate_input all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
bw_ingress all -- 0.0.0.0/0 0.0.0.0/0
ingress_restrictions all -- 0.0.0.0/0 0.0.0.0/0
egress_restrictions all -- 0.0.0.0/0 0.0.0.0/0
delegate_forward all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
delegate_output all -- 0.0.0.0/0 0.0.0.0/0
Chain MINIUPNPD (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 192.168.1.19 tcp dpt:31473
ACCEPT udp -- 0.0.0.0/0 192.168.1.19 udp dpt:31473
ACCEPT tcp -- 0.0.0.0/0 192.168.1.19 tcp dpt:15239
ACCEPT udp -- 0.0.0.0/0 192.168.1.19 udp dpt:15239
ACCEPT tcp -- 0.0.0.0/0 192.168.1.19 tcp dpt:48565
ACCEPT udp -- 0.0.0.0/0 192.168.1.19 udp dpt:48565
ACCEPT tcp -- 0.0.0.0/0 192.168.1.19 tcp dpt:24618
ACCEPT udp -- 0.0.0.0/0 192.168.1.19 udp dpt:24618
ACCEPT tcp -- 0.0.0.0/0 192.168.1.19 tcp dpt:17257
ACCEPT udp -- 0.0.0.0/0 192.168.1.19 udp dpt:17257
ACCEPT tcp -- 0.0.0.0/0 192.168.1.55 tcp dpt:47995
ACCEPT tcp -- 0.0.0.0/0 192.168.1.55 tcp dpt:47996
ACCEPT tcp -- 0.0.0.0/0 192.168.1.55 tcp dpt:35043
ACCEPT tcp -- 0.0.0.0/0 192.168.1.55 tcp dpt:47989
ACCEPT tcp -- 0.0.0.0/0 192.168.1.55 tcp dpt:47984
ACCEPT tcp -- 0.0.0.0/0 192.168.1.55 tcp dpt:48010
ACCEPT udp -- 0.0.0.0/0 192.168.1.55 udp dpt:47999
ACCEPT udp -- 0.0.0.0/0 192.168.1.55 udp dpt:47992
ACCEPT udp -- 0.0.0.0/0 192.168.1.55 udp dpt:47998
ACCEPT udp -- 0.0.0.0/0 192.168.1.55 udp dpt:48000
ACCEPT udp -- 0.0.0.0/0 192.168.1.55 udp dpt:47989
ACCEPT udp -- 0.0.0.0/0 192.168.1.19 udp dpt:46817
ACCEPT tcp -- 0.0.0.0/0 192.168.1.19 tcp dpt:46817
Chain bw_ingress (2 references)
target prot opt source destination
all -- 0.0.0.0/0 0.0.0.0/0 bandwidth --id tota l1-download-2-449 --type combined --current_bandwidth 0 --reset_interval 2 --res et_time 2 --intervals_to_save 449
all -- 0.0.0.0/0 0.0.0.0/0 match-set local_add r_set dst bandwidth --id bdist1-download-minute-15 --type individual_dst --reset _interval minute --intervals_to_save 15
all -- 0.0.0.0/0 0.0.0.0/0 bandwidth --id tota l2-download-minute-359 --type combined --current_bandwidth 0 --reset_interval mi nute --intervals_to_save 359
all -- 0.0.0.0/0 0.0.0.0/0 match-set local_add r_set dst bandwidth --id bdist2-download-900-24 --type individual_dst --reset_in terval 900 --reset_time 900 --intervals_to_save 24
all -- 0.0.0.0/0 0.0.0.0/0 bandwidth --id tota l3-download-180-479 --type combined --current_bandwidth 0 --reset_interval 180 - -reset_time 180 --intervals_to_save 479
all -- 0.0.0.0/0 0.0.0.0/0 match-set local_add r_set dst bandwidth --id bdist3-download-hour-24 --type individual_dst --reset_i nterval hour --intervals_to_save 24
all -- 0.0.0.0/0 0.0.0.0/0 bandwidth --id tota l4-download-7200-359 --type combined --current_bandwidth 0 --reset_interval 7200 --reset_time 7200 --intervals_to_save 359
all -- 0.0.0.0/0 0.0.0.0/0 match-set local_add r_set dst bandwidth --id bdist4-download-day-31 --type individual_dst --reset_in terval day --intervals_to_save 31
all -- 0.0.0.0/0 0.0.0.0/0 bandwidth --id tota l5-download-day-365 --type combined --current_bandwidth 0 --reset_interval day - -intervals_to_save 365
all -- 0.0.0.0/0 0.0.0.0/0 match-set local_add r_set dst bandwidth --id bdist5-download-month-12 --type individual_dst --reset_ interval month --intervals_to_save 12
Chain delegate_forward (1 references)
target prot opt source destination
forwarding_rule all -- 0.0.0.0/0 0.0.0.0/0 /* user chain for forwarding */
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,EST ABLISHED
zone_lan_forward all -- 0.0.0.0/0 0.0.0.0/0
zone_wan_forward all -- 0.0.0.0/0 0.0.0.0/0
reject all -- 0.0.0.0/0 0.0.0.0/0
Chain delegate_input (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
input_rule all -- 0.0.0.0/0 0.0.0.0/0 /* user chain for input */
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,EST ABLISHED
syn_flood tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02
zone_lan_input all -- 0.0.0.0/0 0.0.0.0/0
zone_wan_input all -- 0.0.0.0/0 0.0.0.0/0
Chain delegate_output (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
output_rule all -- 0.0.0.0/0 0.0.0.0/0 /* user chain for output */
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,EST ABLISHED
zone_lan_output all -- 0.0.0.0/0 0.0.0.0/0
zone_wan_output all -- 0.0.0.0/0 0.0.0.0/0
Chain egress_restrictions (1 references)
target prot opt source destination
egress_whitelist all -- 0.0.0.0/0 0.0.0.0/0
Chain egress_whitelist (1 references)
target prot opt source destination
Chain forwarding_lan_rule (1 references)
target prot opt source destination
Chain forwarding_rule (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain forwarding_wan_rule (1 references)
target prot opt source destination
Chain ingress_restrictions (1 references)
target prot opt source destination
ingress_whitelist all -- 0.0.0.0/0 0.0.0.0/0
Chain ingress_whitelist (1 references)
target prot opt source destination
Chain input_lan_rule (1 references)
target prot opt source destination
Chain input_rule (1 references)
target prot opt source destination
Chain input_wan_rule (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 connmark match 0x80/0x80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 connmark match 0x80/0x80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 connmark match 0x80/0x80
Chain output_lan_rule (1 references)
target prot opt source destination
Chain output_rule (1 references)
target prot opt source destination
Chain output_wan_rule (1 references)
target prot opt source destination
Chain pf_loopback_B (1 references)
target prot opt source destination
Chain reject (3 references)
target prot opt source destination
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-res et
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-po rt-unreachable
Chain syn_flood (1 references)
target prot opt source destination
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 25/sec burst 50
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_lan_dest_ACCEPT (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_lan_forward (1 references)
target prot opt source destination
pf_loopback_B all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
forwarding_lan_rule all -- 0.0.0.0/0 0.0.0.0/0 /* user c hain for forwarding */
zone_wan_dest_ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 /* forwa rding lan -> wan */
zone_lan_src_REJECT all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_lan_input (1 references)
target prot opt source destination
input_lan_rule all -- 0.0.0.0/0 0.0.0.0/0 /* user chain for input */
zone_lan_src_ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_lan_output (1 references)
target prot opt source destination
output_lan_rule all -- 0.0.0.0/0 0.0.0.0/0 /* user chain for output */
zone_lan_dest_ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_lan_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_lan_src_REJECT (1 references)
target prot opt source destination
reject all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_wan_dest_ACCEPT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_wan_forward (1 references)
target prot opt source destination
MINIUPNPD all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 192.168.1.18
forwarding_wan_rule all -- 0.0.0.0/0 0.0.0.0/0 /* user c hain for forwarding */
zone_wan_src_REJECT all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_wan_input (1 references)
target prot opt source destination
input_wan_rule all -- 0.0.0.0/0 0.0.0.0/0 /* user chain for input */
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68 /* Allow -DHCP-Renew */
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 /* Allo w-Ping */
zone_wan_src_REJECT all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_wan_output (1 references)
target prot opt source destination
output_wan_rule all -- 0.0.0.0/0 0.0.0.0/0 /* user chain for output */
zone_wan_dest_ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain zone_wan_src_REJECT (2 references)
target prot opt source destination
reject all -- 0.0.0.0/0 0.0.0.0/0-
Sir_Undead
- Posts: 16
- Joined: Sun May 11, 2014 8:04 am
Re: TLWR1043ND - Not accepting WAN pings
Thanks for the spammy bump, on that note, can anyone help with the issue?eufifnilar wrote:A poor man entered a doctor’s consulting-room. He looked very unhappy.“Doctor,” he said, “you must help me. I swallowed a penny about a month ago.”“Good heavens, man!” said the doctor. “Why have you waited so long? Why don’t you come to me on the day you swallowed it?”“To tell you the truth, Doctor,” the poor man replied, “I didn’t need the money so badly then.”
Re: TLWR1043ND - Not accepting WAN pings
Sorry for late response. Can you also post contents of /etc/config/firewall?
-
Sir_Undead
- Posts: 16
- Joined: Sun May 11, 2014 8:04 am
Re: TLWR1043ND - Not accepting WAN pings
No need to apologize, you are helping me out.n0pin wrote:Sorry for late response. Can you also post contents of /etc/config/firewall?
Here are the contents:
Code: Select all
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
- /etc/config/firewall 1/126 0%
Re: TLWR1043ND - Not accepting WAN pings
Everything seems okay. Can you ping the router from LAN?
-
Sir_Undead
- Posts: 16
- Joined: Sun May 11, 2014 8:04 am
Re: TLWR1043ND - Not accepting WAN pings
Yep, that works just fine.n0pin wrote:Everything seems okay. Can you ping the router from LAN?
Re: TLWR1043ND - Not accepting WAN pings
Are you pinging the right IP Address? Is you router connected to WAN, or are there any routers before it?
-
Sir_Undead
- Posts: 16
- Joined: Sun May 11, 2014 8:04 am
Re: TLWR1043ND - Not accepting WAN pings
It's definitely the right IP address, I use No-IP for DDNS too so that is kept up to date.n0pin wrote:Are you pinging the right IP Address? Is you router connected to WAN, or are there any routers before it?
The router is connected to a modem only, it's an Huawei HG612. Ive got custom firmware on the modem and have turned off the firewall so anything can pass through.
Before using Gargoyle, I used to have DD-WRT where the pings worked fine with the same setup. I had to change from DD-WRT though because they have a NAT issue causing people's routers to drop off FTP with large lists.