From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qe0-x22f.google.com (mail-qe0-x22f.google.com [IPv6:2607:f8b0:400d:c02::22f]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id B5F2821F20A for ; Mon, 2 Dec 2013 17:21:21 -0800 (PST) Received: by mail-qe0-f47.google.com with SMTP id t7so14553498qeb.34 for ; Mon, 02 Dec 2013 17:21:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:content-transfer-encoding:subject:message-id:date :to:mime-version; bh=sL2qccevPcm8DCOdZFQmVJpYcRnXnwCNi0kQicfhrEo=; b=E1h0nhF2A4voy5qZsd5+WxCwwr3qNm1ed8b18U1MRzDtEPpqeusk1v/VBuzF1zNeef 0Ynx6FpRB5Na8TOLI7pFo5FNxf1PHg3vHFKObjpPkq9syL1iNE0xFEOQXLZ3orT6Zlu3 W7GJenxe8E5sz8En1zo55xPgEUTDrnMiB8ugpI19hn+mtZs8V8V7NGktqpkz7+nKSSmT gQkbrAUZCnqEsuAUfkkVW2sObsb7RWkRiqX79pc3Izx1+/4ELqpOj8LiVJLYqEBHmfUi MW1OWwXHEqp1oj98rH4KVCFqxMxjLN5EkR1XZag9V3O9PQR2Dpg+A7DxUqNAgQH+sOlY FODg== X-Received: by 10.49.24.82 with SMTP id s18mr120978298qef.27.1386033680378; Mon, 02 Dec 2013 17:21:20 -0800 (PST) Received: from ?IPv6:2001:470:8a63:3:b131:3bfa:b354:ff75? ([2001:470:8a63:3:b131:3bfa:b354:ff75]) by mx.google.com with ESMTPSA id n14sm51900465qav.8.2013.12.02.17.21.19 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 02 Dec 2013 17:21:19 -0800 (PST) From: "Richard E. Brown" Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Message-Id: Date: Mon, 2 Dec 2013 20:21:18 -0500 To: cerowrt-devel@lists.bufferbloat.net Mime-Version: 1.0 (Mac OS X Mail 7.0 \(1822\)) X-Mailer: Apple Mail (2.1822) Subject: [Cerowrt-devel] CeroWrt 3.10.18-1 odd firewall warnings X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Dec 2013 01:21:22 -0000 When I was trying to set up the Hurricane Electric 6in4 tunnel, I got = two sets of warnings from CeroWrt 3.10.18-1. 1) I used the tunnel.sh script (see URL below) to set up my tunnel. I = got the first set of output. Note the =93Error: Failed to connect to = ubus=94 message. Is this OK? (The tunnel did come up after restarting = the router.) 2) I then re-ran the firewall restart command (see second set of output) = and saw a number of warnings. Any problems/surprises here? Best, Rich =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D 1) Restarting the firewall from = the script that sets up the HE.net 6in4 tunnel =3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D see script at the bottom of: = http://www.bufferbloat.net/projects/cerowrt/wiki/IPv6_Tunnel root@cerowrt:/tmp# sh tunnel.sh Downloading = http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/3.10.18-1/packages/P= ackages.gz. Updated list of available packages in /var/opkg-lists/vancouver. Package 6in4 (14-1) installed in root is up to date. Setting up HE.net tunnel Restarting network... "Device busy (-16)" messages are OK. Restarting firewall... Error: Failed to connect to ubus Done. You should restart the router now to make these take effect. =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D 2) Restarting the firewall = from the command line =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D root@cerowrt:~# uname -a Linux cerowrt 3.10.18 #1 Sun Nov 10 14:35:09 PST 2013 mips GNU/Linux root@cerowrt:~# /etc/init.d/firewall restart * Flushing IPv4 filter table * Flushing IPv4 nat table * Flushing IPv4 mangle table * Flushing IPv4 raw table * Flushing IPv6 filter table * Flushing IPv6 nat table * Flushing IPv6 mangle table * Flushing IPv6 raw table * Flushing conntrack table ... * Populating IPv4 filter table * Zone 'wan' * Zone 'lan' * Zone 'guest' * Rule 'domain' * Rule 'ntp' * Rule 'dhcp4' * Rule 'printers' * Rule 'Useful Services' * Rule 'blockconfig' * Rule 'blockconfig2' * Forward 'guest' -> 'wan' * Forward 'lan' -> 'wan' * Forward 'wan' -> 'lan' * Forward 'lan' -> 'guest' * Forward 'wan' -> 'guest' * Populating IPv4 nat table * Zone 'wan' * Zone 'lan' * Zone 'guest' * Populating IPv4 mangle table * Zone 'wan' * Zone 'lan' * Zone 'guest' * Populating IPv4 raw table * Zone 'wan' * Zone 'lan' * Zone 'guest' * Populating IPv6 filter table * Zone 'wan' * Zone 'lan' * Zone 'guest' * Rule 'domain' * Rule 'ntp' * Rule 'printers' * Rule 'Useful Services' * Rule 'ipv6 dfz' * Rule 'icmpv6' * Rule 'blockconfig' * Rule 'Allow-DHCPv6' * Rule 'blockconfig2' * Forward 'guest' -> 'wan' * Forward 'lan' -> 'wan' * Forward 'wan' -> 'lan' * Forward 'lan' -> 'guest' * Forward 'wan' -> 'guest' * Populating IPv6 nat table * Zone 'wan' Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_wan_rule' Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_wan_rule' * Zone 'lan' Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_lan_rule' Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_lan_rule' * Zone 'guest' Warning: fw3_ipt_rule_append(): Can't find target = 'prerouting_guest_rule' Warning: fw3_ipt_rule_append(): Can't find target = 'postrouting_guest_rule' Warning: fw3_ipt_rule_append(): Can't find target 'delegate_prerouting' Warning: fw3_ipt_rule_append(): Can't find target 'delegate_postrouting' Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_rule' Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_rule' * Populating IPv6 mangle table * Zone 'wan' * Zone 'lan' * Zone 'guest' * Populating IPv6 raw table * Zone 'wan' * Zone 'lan' * Zone 'guest' * Set tcp_ecn to on * Set tcp_syncookies to on * Set tcp_window_scaling to on=