rules not loading.
I have seen mention of this problem on OpenWRT mailing lists
as far back as 3 years ago. Looks like the problem is documented
but has not been fixed.
I am just going to add
/etc/init.d/firewall restart
in /etc/rc.local to act as a backup until this is properly resolved.
Ranga
I usually kill off the firewall rules for an internal router almost
completely. Recently, I didn't do that, and didn't have the external
interface connected, so a new cerowrt-3.10.50-1 install automagically
meshed with another router over wifi.
...and didn't run the default firewall rules at all.
I first noticed that /etc/firewall.user wasn't run (which is the lousy
place I'm using to export the /24 local network via babel), so I didn't
have connectivity to the next hop mesh... and then Ichecked to see there were no iptables rules in place at all. So, some
trigger for running the firewall "fw3 load" doesn't run unless there is an
external ethernet interface up in cerowrt.
And arguably it should run pretty early. So somewhere there is a missing
trigger?? to load the fw...
(and I hope this is a cerowrt specific bug and it did use to work)
... and I'd really rather run this out of /etc/config/network somehow
ip route add unreachable my.subnet.add.ress/24
_______________________________________________
Cerowrt-devel mailing list
Cerowrt-devel@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel