[Cerowrt-devel] saner defaults for config/firewall

Vincent Frentzel zcecc22 at c3r.es
Mon Feb 24 05:05:07 EST 2014

>         I could be totally out for lunch here, but shouldn't that be se00
> (secure ethernet) instead of eth0.1? At least on 3.10.28-14 neuter
> "ifconfig" nor /etc/config/network mentions eth0.1 at all. Could you post
> both of these (so the result of calling ifconfig on a terminal on the
> router and the content of /etc/config/network ;), I am sure you know what I
> meant, just dying to be verbose for the sake of people stumbling over the
> archive of the mailing list)

Hi Sebastian,

Understood. I will come back to you with the ifconfig.

For info, I did try both se00 and eth0.1. The reason I stuck with eth0.1
was that barrier breaker usually uses eth0.1 for br-lan with vlan enabled
(eth0.1 appears in Luci in cerowrt). So in cero I just reenabled the vlan
and used a type "bridge" on the network section (I renamed this section
se99 instead of se00).

I then added se99 it to the "lan" zone of the firewall. In the wireless
config I specified network as "se99" instead of sw10 and sw00. I confirmed
that the setup was correct in the web interface where eth0.1 sw00 and sw10
appeared under the new bridged interface ( there was the nice icon with the
iface in brackets).

I went on to modify the dhcp config of se00 and changed se00 occurences for
se99 and commented out entries for sw10/sw00. --> this would give me dhcp
running on my new bridge.

After a dnsmasq restart dnsmasq.conf shows the dhcp ranges line with
interface se99. (I was expecting to see br-se99 but maybe that file is
alias aware, could be wrong here).

After a network restart I lost connectivity on cable. Wireless was working.

I played a tad more and eventually lost wifi as well and had to reflash the
router via tftp/factory image (maybe there is a reset trick you could give
me to avoid this step).

Are you running cerowrt in bridge mode? If yes could you share your
network/firewall/dhcp config? Is there another file I should have edited
and missed?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20140224/571689b6/attachment-0002.html>

More information about the Cerowrt-devel mailing list