From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wg0-x232.google.com (mail-wg0-x232.google.com [IPv6:2a00:1450:400c:c00::232]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id F1B1A21F1D2 for ; Tue, 3 Dec 2013 18:35:39 -0800 (PST) Received: by mail-wg0-f50.google.com with SMTP id a1so12655479wgh.29 for ; Tue, 03 Dec 2013 18:35:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=Ix7pg7XElUetIH2CYe5wnohaf7u0hS3IcKCMqWneHmI=; b=N+YVTv006ey9XhqYXMkhFCCWR0Lz5tK30wOXnqB47AgxwuI25jqx5jhp5QtCwh5bE2 KJb+Bd9cDZlKpQYgXbJQBL3Og5EIc1jmpHT+ruLlsbXkcDnFELypcS89Nc7sLpeRLRvJ pPJzH9qBuEYpguncr2nmkZq7JgvlxCadKN+fbLU6z1xZhe9oqSh4RXS+7bbpMB21Tsi1 pMfES5bXYtTOl77ru6hI/ta2GM+0N+eLDw38rB06aQX2E1wA3Jm5eWRE6MMvWThiu1vL mBXbeCZOVKpYPUcFWE3EzphJLAfTAnMy05onD12zdu6hpqnjtTIKPaRb37B8fuDtpqrc T2+Q== MIME-Version: 1.0 X-Received: by 10.180.37.237 with SMTP id b13mr5161156wik.52.1386124537405; Tue, 03 Dec 2013 18:35:37 -0800 (PST) Sender: gettysjim@gmail.com Received: by 10.227.198.66 with HTTP; Tue, 3 Dec 2013 18:35:37 -0800 (PST) In-Reply-To: References: Date: Tue, 3 Dec 2013 21:35:37 -0500 X-Google-Sender-Auth: IsZGRKyGTqeO_Yt3sEIan0JGdi4 Message-ID: From: Jim Gettys To: "Richard E. Brown" Content-Type: multipart/alternative; boundary=e89a8f64673daaa8b504ecac44c4 Cc: "cerowrt-devel@lists.bufferbloat.net" Subject: Re: [Cerowrt-devel] CeroWrt 3.10.18-1 odd firewall warnings X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Dec 2013 02:35:40 -0000 --e89a8f64673daaa8b504ecac44c4 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Dave helped me get up a HE IPv6 tunnel. There were two things: 1) when I change routers, Comcast gives me a different IPv4 address, so I had to update the Hurricane information to correspond. 2) CeroWrt is using a new version of dnsmasq, which has good support for IPv6, and IIRC, Dave turned on the dnsmasq support and turned off 6relayd, or some such... Been working fine for me since. - Jim On Mon, Dec 2, 2013 at 8:21 PM, Richard E. Brown w= rote: > When I was trying to set up the Hurricane Electric 6in4 tunnel, I got two > sets of warnings from CeroWrt 3.10.18-1. > > 1) I used the tunnel.sh script (see URL below) to set up my tunnel. I got > the first set of output. Note the =93Error: Failed to connect to ubus=94 > message. Is this OK? (The tunnel did come up after restarting the router.= ) > > 2) I then re-ran the firewall restart command (see second set of output) > and saw a number of warnings. Any problems/surprises here? > > Best, > > Rich > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D 1) Restarting the firewall from t= he script that sets up the > HE.net 6in4 tunnel =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D see script at the bottom of: > http://www.bufferbloat.net/projects/cerowrt/wiki/IPv6_Tunnel > > root@cerowrt:/tmp# sh tunnel.sh > Downloading > http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/3.10.18-1/packages/= Packages.gz > . > Updated list of available packages in /var/opkg-lists/vancouver. > Package 6in4 (14-1) installed in root is up to date. > Setting up HE.net tunnel > Restarting network... "Device busy (-16)" messages are OK. > Restarting firewall... > Error: Failed to connect to ubus > Done. You should restart the router now to make these take effect. > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D 2) Restarting the firewall fro= m the command line > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > root@cerowrt:~# uname -a > Linux cerowrt 3.10.18 #1 Sun Nov 10 14:35:09 PST 2013 mips GNU/Linux > > root@cerowrt:~# /etc/init.d/firewall restart > * Flushing IPv4 filter table > * Flushing IPv4 nat table > * Flushing IPv4 mangle table > * Flushing IPv4 raw table > * Flushing IPv6 filter table > * Flushing IPv6 nat table > * Flushing IPv6 mangle table > * Flushing IPv6 raw table > * Flushing conntrack table ... > * Populating IPv4 filter table > * Zone 'wan' > * Zone 'lan' > * Zone 'guest' > * Rule 'domain' > * Rule 'ntp' > * Rule 'dhcp4' > * Rule 'printers' > * Rule 'Useful Services' > * Rule 'blockconfig' > * Rule 'blockconfig2' > * Forward 'guest' -> 'wan' > * Forward 'lan' -> 'wan' > * Forward 'wan' -> 'lan' > * Forward 'lan' -> 'guest' > * Forward 'wan' -> 'guest' > * Populating IPv4 nat table > * Zone 'wan' > * Zone 'lan' > * Zone 'guest' > * Populating IPv4 mangle table > * Zone 'wan' > * Zone 'lan' > * Zone 'guest' > * Populating IPv4 raw table > * Zone 'wan' > * Zone 'lan' > * Zone 'guest' > * Populating IPv6 filter table > * Zone 'wan' > * Zone 'lan' > * Zone 'guest' > * Rule 'domain' > * Rule 'ntp' > * Rule 'printers' > * Rule 'Useful Services' > * Rule 'ipv6 dfz' > * Rule 'icmpv6' > * Rule 'blockconfig' > * Rule 'Allow-DHCPv6' > * Rule 'blockconfig2' > * Forward 'guest' -> 'wan' > * Forward 'lan' -> 'wan' > * Forward 'wan' -> 'lan' > * Forward 'lan' -> 'guest' > * Forward 'wan' -> 'guest' > * Populating IPv6 nat table > * Zone 'wan' > Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_wan_rule' > Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_wan_rule' > * Zone 'lan' > Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_lan_rule' > Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_lan_rule' > * Zone 'guest' > Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_guest_rule' > Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_guest_rule= ' > Warning: fw3_ipt_rule_append(): Can't find target 'delegate_prerouting' > Warning: fw3_ipt_rule_append(): Can't find target 'delegate_postrouting' > Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_rule' > Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_rule' > * Populating IPv6 mangle table > * Zone 'wan' > * Zone 'lan' > * Zone 'guest' > * Populating IPv6 raw table > * Zone 'wan' > * Zone 'lan' > * Zone 'guest' > * Set tcp_ecn to on > * Set tcp_syncookies to on > * Set tcp_window_scaling to on > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel > --e89a8f64673daaa8b504ecac44c4 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: quoted-printable
Dav= e helped me get up a HE IPv6 tunnel.

There were two things:
1) when I change routers, Comcast gives me a different IPv4 address= , so I had to update the Hurricane information to correspond.
2) CeroWrt is using a new version of dnsmasq, which has good support for IP= v6, and IIRC, Dave turned on the dnsmasq support and turned off 6relayd, or= some such...
<= br>
Been working f= ine for me since.
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 - Jim



On Mon, Dec 2, 2013 at 8:21 PM, Richard E. Brown <<= a href=3D"mailto:richb.hanover@gmail.com" target=3D"_blank">richb.hanover@g= mail.com> wrote:
When I was trying to set up the Hurricane El= ectric 6in4 tunnel, I got two sets of warnings from CeroWrt 3.10.18-1.

1) I used the tunnel.sh script (see URL below) to set up my tunnel. I got t= he first set of output. Note the =93Error: Failed to connect to ubus=94 mes= sage. Is this OK? (The tunnel did come up after restarting the router.)

2) I then re-ran the firewall restart command (see second set of output) an= d saw a number of warnings. Any problems/surprises here?

Best,

Rich

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D 1) Restarting the firewall from the= script that sets up the HE.net 6in4 tunnel =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D see script at the bottom of: http://www.bufferbloat.net/projects/cerowrt/wiki/IPv6_Tunnel

root@cerowrt:/tmp# sh tunnel.sh
Downloading http://snapon.lab.buffe= rbloat.net/~cero2/cerowrt/wndr/3.10.18-1/packages/Packages.gz.
Updated list of available packages in /var/opkg-lists/vancouver.
Package 6in4 (14-1) installed in root is up to date.
Setting up HE.net tunnel
Restarting network... "Device busy (-16)" messages are OK.
Restarting firewall...
Error: Failed to connect to ubus
Done. You should restart the router now to make these take effect.

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D 2) Restarting the firewall from = the command line =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

root@cerowrt:~# uname -a
Linux cerowrt 3.10.18 #1 Sun Nov 10 14:35:09 PST 2013 mips GNU/Linux

root@cerowrt:~# /etc/init.d/firewall restart
=A0* Flushing IPv4 filter table
=A0* Flushing IPv4 nat table
=A0* Flushing IPv4 mangle table
=A0* Flushing IPv4 raw table
=A0* Flushing IPv6 filter table
=A0* Flushing IPv6 nat table
=A0* Flushing IPv6 mangle table
=A0* Flushing IPv6 raw table
=A0* Flushing conntrack table ...
=A0* Populating IPv4 filter table
=A0 =A0* Zone 'wan'
=A0 =A0* Zone 'lan'
=A0 =A0* Zone 'guest'
=A0 =A0* Rule 'domain'
=A0 =A0* Rule 'ntp'
=A0 =A0* Rule 'dhcp4'
=A0 =A0* Rule 'printers'
=A0 =A0* Rule 'Useful Services'
=A0 =A0* Rule 'blockconfig'
=A0 =A0* Rule 'blockconfig2'
=A0 =A0* Forward 'guest' -> 'wan'
=A0 =A0* Forward 'lan' -> 'wan'
=A0 =A0* Forward 'wan' -> 'lan'
=A0 =A0* Forward 'lan' -> 'guest'
=A0 =A0* Forward 'wan' -> 'guest'
=A0* Populating IPv4 nat table
=A0 =A0* Zone 'wan'
=A0 =A0* Zone 'lan'
=A0 =A0* Zone 'guest'
=A0* Populating IPv4 mangle table
=A0 =A0* Zone 'wan'
=A0 =A0* Zone 'lan'
=A0 =A0* Zone 'guest'
=A0* Populating IPv4 raw table
=A0 =A0* Zone 'wan'
=A0 =A0* Zone 'lan'
=A0 =A0* Zone 'guest'
=A0* Populating IPv6 filter table
=A0 =A0* Zone 'wan'
=A0 =A0* Zone 'lan'
=A0 =A0* Zone 'guest'
=A0 =A0* Rule 'domain'
=A0 =A0* Rule 'ntp'
=A0 =A0* Rule 'printers'
=A0 =A0* Rule 'Useful Services'
=A0 =A0* Rule 'ipv6 dfz'
=A0 =A0* Rule 'icmpv6'
=A0 =A0* Rule 'blockconfig'
=A0 =A0* Rule 'Allow-DHCPv6'
=A0 =A0* Rule 'blockconfig2'
=A0 =A0* Forward 'guest' -> 'wan'
=A0 =A0* Forward 'lan' -> 'wan'
=A0 =A0* Forward 'wan' -> 'lan'
=A0 =A0* Forward 'lan' -> 'guest'
=A0 =A0* Forward 'wan' -> 'guest'
=A0* Populating IPv6 nat table
=A0 =A0* Zone 'wan'
Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_wan_r= ule'
Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_wan_= rule'
=A0 =A0* Zone 'lan'
Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_lan_r= ule'
Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_lan_= rule'
=A0 =A0* Zone 'guest'
Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_guest= _rule'
Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_gues= t_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'delegate_prerout= ing'
Warning: fw3_ipt_rule_append(): Can't find target 'delegate_postrou= ting'
Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_rule&= #39;
Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_rule= '
=A0* Populating IPv6 mangle table
=A0 =A0* Zone 'wan'
=A0 =A0* Zone 'lan'
=A0 =A0* Zone 'guest'
=A0* Populating IPv6 raw table
=A0 =A0* Zone 'wan'
=A0 =A0* Zone 'lan'
=A0 =A0* Zone 'guest'
=A0* Set tcp_ecn to on
=A0* Set tcp_syncookies to on
=A0* Set tcp_window_scaling to on
_______________________________________________
Cerowrt-devel mailing list
Cerowrt-devel@lists.= bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel

--e89a8f64673daaa8b504ecac44c4--