1.11.0.x gargoyle-ispy 2019-April-13 21

Want to share your OpenWrt / Gargoyle knowledge? Implemented a new feature? Let us know here.

Moderator: Moderators

RomanHK
Posts: 794
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by RomanHK »

ektus wrote: I want to prevent 192.168.0.13 from having any internet access (except DNS and NTP, if I can't redirect the latter to my local time server).
If you want IP 192.168.0.13 to only have access to DNS and NTP, the rule should look like this:
Image

The firewall works well, but it's an OpenWrt firewall.

:idea: I'll give you the type. The router itself acts as an NTP server, just enter the router's IP address into the client.
Turris Omnia with OpenWrt 21.02 - Tested
Linksys WRT3200ACM with Gargoyle 1.13.x
TL-WR1043ND v2 with Gargoyle 1.10.0

http://gargoyle.romanhk.cz custom builds by gargoyle users

ektus
Posts: 241
Joined: Sun Aug 11, 2013 2:26 am
Location: Germany

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by ektus »

RomanHK wrote:
ektus wrote: I want to prevent 192.168.0.13 from having any internet access (except DNS and NTP, if I can't redirect the latter to my local time server).
If you want IP 192.168.0.13 to only have access to DNS and NTP, the rule should look like this:
Image

The firewall works well, but it's an OpenWrt firewall.
I've yet to understand how the values are evaluated. If I say "no host", will the other rules do anything? Or should it be "any host" AND "port=52,123"?

In other words: Have all of the rules to be met to gain access, or has just one rule to be met?
RomanHK wrote: :idea: I'll give you the type. The router itself acts as an NTP server, just enter the router's IP address into the client.
I'd like to, but this client (and at least two or three others, different ones) doesn't offer much in ways of configurability. I do have a local time server (some NAS) running anyway. But that doesn't help with clients that have external time servers hard-coded. So I could either just let that traffic through, or would have to dig deeper into firewall and routing to redirect it to the internal server.

RomanHK
Posts: 794
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by RomanHK »

ektus wrote: In other words: Have all of the rules to be met to gain access, or has just one rule to be met?
Just one rule is enough - the rest is like default.
ektus wrote: I'd like to, but this client (and at least two or three others, different ones) doesn't offer much in ways of configurability. I do have a local time server (some NAS) running anyway. But that doesn't help with clients that have external time servers hard-coded. So I could either just let that traffic through, or would have to dig deeper into firewall and routing to redirect it to the internal server.
Yes, I understand it.

P.S. Beware of a typo. No port 52 but port 53 for DNS and port 123 for NTP.
Turris Omnia with OpenWrt 21.02 - Tested
Linksys WRT3200ACM with Gargoyle 1.13.x
TL-WR1043ND v2 with Gargoyle 1.10.0

http://gargoyle.romanhk.cz custom builds by gargoyle users

Lantis
Moderator
Posts: 6735
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by Lantis »

ektus wrote:In language manager, when a second language is installed, the default language (english) can be selected, but the name isn't displayed in the list.
I've fixed this for future versions here: https://github.com/ericpaulbishop/gargo ... 00a333bbab
I had actually tried to fix this a while ago but must not have done a good job the first time. It looks like it works a little better now.

This will also improve the way the plugins page looks too (similar issue).
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.

User avatar
CBx86
Posts: 157
Joined: Sun Jan 05, 2014 5:43 pm
Location: Brazil

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by CBx86 »

Will try @WNDR4300. :D

User avatar
CBx86
Posts: 157
Joined: Sun Jan 05, 2014 5:43 pm
Location: Brazil

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by CBx86 »

Working good!

Only one thing, i get amber light on wan port.

Maybe the modem port is´t gigabit.

Image

Edit:
Tested many direct cables. (I dont have any cross cable, i will make a new one.)
Tested a new modem, i m sure its have gigabit port.
Still Amber.

Edit2: Suspect DHCP.

User avatar
CBx86
Posts: 157
Joined: Sun Jan 05, 2014 5:43 pm
Location: Brazil

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by CBx86 »

This version of gargoyle is based on Openwrt 18.06.0,
18.06.0-rc1,18.06.0-rc2,18.06.1 or 18.06.2?

Many thanks!

RomanHK
Posts: 794
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by RomanHK »

CBx86 wrote:This version of gargoyle is based on Openwrt 18.06.0,
18.06.0-rc1,18.06.0-rc2,18.06.1 or 18.06.2?

Many thanks!
Neither of these. This is the 18.06-SNAPSHOT version: http://downloads.openwrt.org/releases/18.06-SNAPSHOT/
It is a moving changing version derived from the development version - at least it seems to me.
Turris Omnia with OpenWrt 21.02 - Tested
Linksys WRT3200ACM with Gargoyle 1.13.x
TL-WR1043ND v2 with Gargoyle 1.10.0

http://gargoyle.romanhk.cz custom builds by gargoyle users

User avatar
CBx86
Posts: 157
Joined: Sun Jan 05, 2014 5:43 pm
Location: Brazil

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by CBx86 »

Nice! Fron snap.

Many thanks!

RomanHK
Posts: 794
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: 1.11.0.x gargoyle-ispy 2019-April-13 21

Post by RomanHK »

CBx86 wrote: Tested a new modem, i m sure its have gigabit port.
Still Amber.

Edit2: Suspect DHCP.
Try not to use the backup. If the status is the same, look at the other end of the cable or try downgrade.
Turris Omnia with OpenWrt 21.02 - Tested
Linksys WRT3200ACM with Gargoyle 1.13.x
TL-WR1043ND v2 with Gargoyle 1.10.0

http://gargoyle.romanhk.cz custom builds by gargoyle users

Post Reply