Gargoyle Forum

A forum to discuss the Gargoyle web interface for Openwrt
https://www.gargoyle-router.com/phpbb/

Version 1.9.1

https://www.gargoyle-router.com/phpbb/viewtopic.php?t=8890

Page 18 of 20

Re: Version 1.9.1

Posted: Sun Nov 20, 2016 3:26 am
by Lantis
I'm not seeing this behaviour.
My SSH is not accessible from the WAN side with the default config.

Re: Version 1.9.1

Posted: Sun Nov 20, 2016 5:30 am
by Rog66
Same here - port 22 blocked from outside and working inside

Re: Version 1.9.1

Posted: Sun Nov 20, 2016 10:17 am
by oliver
Here's what I get with my modified dropbear config:

Code: Select all

# nmap -p 22 --open -sV 192.168.1.1

Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-20 09:08 EST
Nmap scan report for gargoyle (192.168.1.1)
Host is up (0.0017s latency).
PORT   STATE SERVICE VERSION
22/tcp open  ssh     Dropbear sshd 2015.67 (protocol 2.0)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Code: Select all

# nmap -p 22 --open -sV notmyrealhostname.duckdns.org

Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-20 09:08 EST
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.33 seconds
Then I change the dropbear config back to what I had a few days ago.

Code: Select all

/etc/config# cp dropbear.dist dropbear
/etc/config# /etc/init.d/dropbear restart

Code: Select all

# nmap -p 22 --open -sV garg.duckdns.org

Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-20 09:11 EST
Nmap scan report for notmyrealhostname.duckdns.org (x.x.x.x)
Host is up (0.0019s latency).
rDNS record for x.x.x.x: x-x-x-x.hsd1.ga.comcast.net
PORT   STATE SERVICE VERSION
22/tcp open  ssh     Dropbear sshd 2015.67 (protocol 2.0)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Code: Select all

# ssh root@notmyrealhostname.duckdns.org
The authenticity of host 'notmyrealhostname.duckdns.org (x.x.x.x)' can't be established.
RSA key fingerprint is SHA256:59+5OCxagGFo+hfLwS4fdsfdsfdsfdsfdsfdsfds.
Are you sure you want to continue connecting (yes/no)? ^C

Code: Select all

# cat /etc/config/dropbear.dist
config dropbear 'global'
        option PasswordAuth 'on'
        option Port '22'

Code: Select all

# cat /etc/config/dropbear.lanonly
config dropbear
        option PasswordAuth 'on'
        option Port '22'
        option Interface 'lan'

Code: Select all

Device Name:Gargoyle
Gargoyle Version:1.9.1
Model:TP-Link TL-WDR3600 v1
Device Configuration:Gateway

Re: Version 1.9.1

Posted: Sun Nov 20, 2016 4:01 pm
by Lantis
the default firewall should block this. An exception is placed if you enable remote ssh.

Please test a fresh installation.

Re: Version 1.9.1

Posted: Mon Nov 21, 2016 9:09 am
by oliver
Lantis wrote:the default firewall should block this. An exception is placed if you enable remote ssh.

Please test a fresh installation.
TBH, I'd rather not :-) It took me way too long to get things set up correctly. I'd be happy to test it out again on the next release though.

I can't say 100% for certain that I'd never enabled SSH from WAN but I can't imagine why and it would have been in error. Also, wouldn't the GUI have reflected the change?

Re: Version 1.9.1

Posted: Fri Dec 02, 2016 9:57 pm
by prichard
I'm curious
When will a new stable build go out? :D
I have a suggestion that routers with 8mb+ that come with SQM QoS

Re: Version 1.9.1

Posted: Sat Dec 17, 2016 11:09 am
by jayt
I see some ramips routers are now supported. Just curious as to the wifi driver included in the firmware for the Xiaomi MiWiFi Mini. Is it the openwrt wifi driver?

Thanks.

Re: Version 1.9.1

Posted: Sat Dec 17, 2016 2:36 pm
by Lantis
jayt wrote:I see some ramips routers are now supported. Just curious as to the wifi driver included in the firmware for the Xiaomi MiWiFi Mini. Is it the openwrt wifi driver?

Thanks.
Some of them use the mt76 driver. I believe the MiWiFi Mini is included in this list.
I could not figure out what the rest use

Re: Version 1.9.1

Posted: Fri Dec 23, 2016 3:58 am
by jayt
Lantis wrote:Some of them use the mt76 driver. I believe the MiWiFi Mini is included in this list.
I could not figure out what the rest use
Thank you for the reply.

Do you think it would be OK to install the "Breed" bootloader and use it with Gargoyle?

Re: Version 1.9.1

Posted: Fri Dec 23, 2016 4:44 am
by Lantis
Wouldn't have a clue. I don't customise my bootloaders.

If it works with Openwrt, it's more than likely to work with Gargoyle.
All times are UTC-04:00
Page 18 of 20

Powered by phpBB® Forum Software © phpBB Limited