Random behavior of port forwarding after upgrade to V1.12 - Identified as wrong local IP lookup by aruljohn.com
Posted: Sat Apr 18, 2020 6:54 am
Hi,
I've been using Gargoyle very successfully for quite a long time. I had V1.6.0 running on a WNDR3700v2.
I upgraded yesterday my router to V1.12 without preserving settings. Then I have updated the following files with my previous config from the backup file : hosts, ethers, firewall and qos_gargoyle. I did not just copy the files, I updated the content, keeping the fresh headers / configs if they were any.
I then updated all other configs (dynamic dns, wireless config, passwd, plugins, etc. ) manually with the screenshots I had made for all config screens.
Everything seemed to be working fine: checked dyn dns IP update process, access to internal servers (Domoticz home automation in particular) from outside using port forward...
Nothing else was updated (Internal network config, server...)
This morning, I tried to access my Domoticz server from outside (mobile phone not on wifi) and it did not work. I checked the Gargoyle logs. I only found a message that raised my attention :
daemon.warn dnsmasq[8706]: possible DNS-rebind attack detected: mydomainname
The message was not timely correlated though. I also checked the dyn dns : correct IP address. Correct routing from outside.
After a few minutes, it worked again. Without having changed any config. I was just looking at the logs.
Since then, I remarked that sometime it goes through, sometime not.
What could be the issue? V1.6 was very stable for me. Should I fine-tune something to prevent this DNS-rebind attack detection? Could this be related / explained that it comes back working after a while?
Thanks for any help
I've been using Gargoyle very successfully for quite a long time. I had V1.6.0 running on a WNDR3700v2.
I upgraded yesterday my router to V1.12 without preserving settings. Then I have updated the following files with my previous config from the backup file : hosts, ethers, firewall and qos_gargoyle. I did not just copy the files, I updated the content, keeping the fresh headers / configs if they were any.
I then updated all other configs (dynamic dns, wireless config, passwd, plugins, etc. ) manually with the screenshots I had made for all config screens.
Everything seemed to be working fine: checked dyn dns IP update process, access to internal servers (Domoticz home automation in particular) from outside using port forward...
Nothing else was updated (Internal network config, server...)
This morning, I tried to access my Domoticz server from outside (mobile phone not on wifi) and it did not work. I checked the Gargoyle logs. I only found a message that raised my attention :
daemon.warn dnsmasq[8706]: possible DNS-rebind attack detected: mydomainname
The message was not timely correlated though. I also checked the dyn dns : correct IP address. Correct routing from outside.
After a few minutes, it worked again. Without having changed any config. I was just looking at the logs.
Since then, I remarked that sometime it goes through, sometime not.
What could be the issue? V1.6 was very stable for me. Should I fine-tune something to prevent this DNS-rebind attack detection? Could this be related / explained that it comes back working after a while?
Thanks for any help
Because you use many Gargoyle services, it's probably going to be low on memory, because Gargoyle v1.12 (OpenWrt 18.06) takes up more system resources - that's my diagnosis, but maybe I'm wrong.