Too many inbound wan connections.

[shani]

Using gargoyle on Bt HomeHub v2b as gateway.
I have configured my adsl connection but firewall is on default. Default firewall is wan reject as on openwrt?
When I saw my BW distribution, it is showing a lot of Wan connections.
I have no server (ftp etc) on my home network.

Is my router working as transparent proxy?

[shani]

/etc/config/firewall

config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'

config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'

config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'

config forwarding
option src 'lan'
option dest 'wan'

config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'

config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'DROP'

config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'

config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'

config include
option path '/etc/firewall.user'
option reload '1'

config rule
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'

config rule
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'

config include
option type 'script'
option path '/usr/lib/gargoyle_firewall_util/gargoyle_additions.firewall
option family 'IPv4'
option reload '1'

Help...

[nworbnhoj]

Your /etc/config/firewall matches the file on my router
There are a couple of other reports of this type of behaviour on the forums, but not with as many connections.
Can you confirm that your Internet connection is plugged into the WAN port on your Gargoyle router?
Can you confirm that none of the other devices on your LAN network have an independent Internet connection?

[shani]

Your /etc/config/firewall matches the file on my router
There are a couple of other reports of this type of behaviour on the forums, but not with as many connections.
Can you confirm that your Internet connection is plugged into the WAN port on your Gargoyle router?
Can you confirm that none of the other devices on your LAN network have an independent Internet connection?

My Router is Bt.Hub.v2b
I have adsl connection and I can confirm there is no other internet connection on the network. It is the only Internet Gateway on the network.
Now I can feel my internet connection slowing from time to time and I think this is the culprit.

Here is the connection:

[shani]

He has also the same problem.
http://www.gargoyle-router.com/phpbb/vi ... =11&t=7871


But I am having alot of list of random wan ip addresses.
Still no solution

[nworbnhoj]

He has also the same problem.

Yes

And I hoped that (s)he might ....

I would suggest re-flashing your router with the same 1.9.0 Gargoyle image and tick "preserve settings" to save you setting up again. Make sure to wait until the flash is completely finished before you begin interacting with the router again.

but unfortunately never reported back.

What Gargoyle version are you using? Could you reflash your router (as above) and report back please? (do not preserve setings if you are moving between versions)

[shani]

He has also the same problem.

Yes

And I hoped that (s)he might ....

I would suggest re-flashing your router with the same 1.9.0 Gargoyle image and tick "preserve settings" to save you setting up again. Make sure to wait until the flash is completely finished before you begin interacting with the router again.

but unfortunately never reported back.

What Gargoyle version are you using? Could you reflash your router (as above) and report back please? (do not preserve setings if you are moving between versions)

Using latest Gargoyle_CC_19.X version.
Re-flashed the router without preserving settings, no change same too many wan ip's connected.

Now I tried resetting the router and I've noticed a huge drop in wan ip's. Now there are few (3 or 4) wan ip's in B/W distribution .

After resetting the start wizard didn't showup and password was not reset and adsl connection settings were also same.