[Cerowrt-devel] CeroWrt 3.10.18-1 odd firewall warnings

Jim Gettys jg at freedesktop.org
Tue Dec 3 21:35:37 EST 2013 

Dave helped me get up a HE IPv6 tunnel.

There were two things:
1) when I change routers, Comcast gives me a different IPv4 address, so I
had to update the Hurricane information to correspond.
2) CeroWrt is using a new version of dnsmasq, which has good support for
IPv6, and IIRC, Dave turned on the dnsmasq support and turned off 6relayd,
or some such...

Been working fine for me since.
                  - Jim



On Mon, Dec 2, 2013 at 8:21 PM, Richard E. Brown <richb.hanover at gmail.com>wrote:

> When I was trying to set up the Hurricane Electric 6in4 tunnel, I got two
> sets of warnings from CeroWrt 3.10.18-1.
>
> 1) I used the tunnel.sh script (see URL below) to set up my tunnel. I got
> the first set of output. Note the “Error: Failed to connect to ubus”
> message. Is this OK? (The tunnel did come up after restarting the router.)
>
> 2) I then re-ran the firewall restart command (see second set of output)
> and saw a number of warnings. Any problems/surprises here?
>
> Best,
>
> Rich
>
> ============= 1) Restarting the firewall from the script that sets up the
> HE.net 6in4 tunnel ===========
> ============= see script at the bottom of:
> http://www.bufferbloat.net/projects/cerowrt/wiki/IPv6_Tunnel
>
> root at cerowrt:/tmp# sh tunnel.sh
> Downloading
> http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/3.10.18-1/packages/Packages.gz
> .
> Updated list of available packages in /var/opkg-lists/vancouver.
> Package 6in4 (14-1) installed in root is up to date.
> Setting up HE.net tunnel
> Restarting network... "Device busy (-16)" messages are OK.
> Restarting firewall...
> Error: Failed to connect to ubus
> Done. You should restart the router now to make these take effect.
>
> ============== 2) Restarting the firewall from the command line
> =============
>
> root at cerowrt:~# uname -a
> Linux cerowrt 3.10.18 #1 Sun Nov 10 14:35:09 PST 2013 mips GNU/Linux
>
> root at cerowrt:~# /etc/init.d/firewall restart
>  * Flushing IPv4 filter table
>  * Flushing IPv4 nat table
>  * Flushing IPv4 mangle table
>  * Flushing IPv4 raw table
>  * Flushing IPv6 filter table
>  * Flushing IPv6 nat table
>  * Flushing IPv6 mangle table
>  * Flushing IPv6 raw table
>  * Flushing conntrack table ...
>  * Populating IPv4 filter table
>    * Zone 'wan'
>    * Zone 'lan'
>    * Zone 'guest'
>    * Rule 'domain'
>    * Rule 'ntp'
>    * Rule 'dhcp4'
>    * Rule 'printers'
>    * Rule 'Useful Services'
>    * Rule 'blockconfig'
>    * Rule 'blockconfig2'
>    * Forward 'guest' -> 'wan'
>    * Forward 'lan' -> 'wan'
>    * Forward 'wan' -> 'lan'
>    * Forward 'lan' -> 'guest'
>    * Forward 'wan' -> 'guest'
>  * Populating IPv4 nat table
>    * Zone 'wan'
>    * Zone 'lan'
>    * Zone 'guest'
>  * Populating IPv4 mangle table
>    * Zone 'wan'
>    * Zone 'lan'
>    * Zone 'guest'
>  * Populating IPv4 raw table
>    * Zone 'wan'
>    * Zone 'lan'
>    * Zone 'guest'
>  * Populating IPv6 filter table
>    * Zone 'wan'
>    * Zone 'lan'
>    * Zone 'guest'
>    * Rule 'domain'
>    * Rule 'ntp'
>    * Rule 'printers'
>    * Rule 'Useful Services'
>    * Rule 'ipv6 dfz'
>    * Rule 'icmpv6'
>    * Rule 'blockconfig'
>    * Rule 'Allow-DHCPv6'
>    * Rule 'blockconfig2'
>    * Forward 'guest' -> 'wan'
>    * Forward 'lan' -> 'wan'
>    * Forward 'wan' -> 'lan'
>    * Forward 'lan' -> 'guest'
>    * Forward 'wan' -> 'guest'
>  * Populating IPv6 nat table
>    * Zone 'wan'
> Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_wan_rule'
> Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_wan_rule'
>    * Zone 'lan'
> Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_lan_rule'
> Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_lan_rule'
>    * Zone 'guest'
> Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_guest_rule'
> Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_guest_rule'
> Warning: fw3_ipt_rule_append(): Can't find target 'delegate_prerouting'
> Warning: fw3_ipt_rule_append(): Can't find target 'delegate_postrouting'
> Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_rule'
> Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_rule'
>  * Populating IPv6 mangle table
>    * Zone 'wan'
>    * Zone 'lan'
>    * Zone 'guest'
>  * Populating IPv6 raw table
>    * Zone 'wan'
>    * Zone 'lan'
>    * Zone 'guest'
>  * Set tcp_ecn to on
>  * Set tcp_syncookies to on
>  * Set tcp_window_scaling to on
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel at lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20131203/f639478f/attachment-0002.html>

More information about the Cerowrt-devel mailing list