[Cerowrt-devel] saner defaults for config/firewall
Vincent Frentzel
zcecc22 at c3r.es
Mon Feb 24 06:35:23 EST 2014
I am familiar with that command :) Was wondering if there was something I
could do when I cannot ssh into the router. As mentioned above, when trying
to configure the bridge I hit a point where I could nt get in the router
anymore.
I understand the design decisions of the project and far from me the idea
of challenging them :) I was simply trying to provide an alternative config
with a standard bridge ethernet + wifi for reference. I believe that in the
case mentioned by Sebastian (multiple, mobile, devices accessing resources
across segments) bridging is a simple way forward.
In my particular case, correct route propagation is a problem on IPV6 (im
not running babel) and I have only 2 wifi clients... Bridging has never
shown any perf issues in the past so I 'd like to switch back to this
simpler setup. I can picture that this might not fit the bill for more
intensive use cases.
On Mon, Feb 24, 2014 at 12:03 PM, Fred Stratton <fredstratton at imap.cc>wrote:
> So much for memory
>
> mtd -r erase rootfs_data
>
> is the correct invocation.
>
>
>
> On 24/02/14 10:18, Fred Stratton wrote:
>
> I suggest you read the cero wiki. This details the original design
> decisions. On the router,
>
> ssh in, and use
>
> mtd -r erase fs_data
>
> to recover to defaults. See
>
> http://wiki.openwrt.org/doc/techref/mtd
>
> If you ever have used BB daily builds, you can type this in your sleep.
>
>
>
>
> On 24/02/14 10:05, Vincent Frentzel wrote:
>
>
>
>
>> I could be totally out for lunch here, but shouldn't that be se00
>> (secure ethernet) instead of eth0.1? At least on 3.10.28-14 neuter
>> "ifconfig" nor /etc/config/network mentions eth0.1 at all. Could you post
>> both of these (so the result of calling ifconfig on a terminal on the
>> router and the content of /etc/config/network ;), I am sure you know what I
>> meant, just dying to be verbose for the sake of people stumbling over the
>> archive of the mailing list)
>>
>
>
> Hi Sebastian,
>
> Understood. I will come back to you with the ifconfig.
>
> For info, I did try both se00 and eth0.1. The reason I stuck with eth0.1
> was that barrier breaker usually uses eth0.1 for br-lan with vlan enabled
> (eth0.1 appears in Luci in cerowrt). So in cero I just reenabled the vlan
> and used a type "bridge" on the network section (I renamed this section
> se99 instead of se00).
>
> I then added se99 it to the "lan" zone of the firewall. In the wireless
> config I specified network as "se99" instead of sw10 and sw00. I confirmed
> that the setup was correct in the web interface where eth0.1 sw00 and sw10
> appeared under the new bridged interface ( there was the nice icon with the
> iface in brackets).
>
> I went on to modify the dhcp config of se00 and changed se00 occurences
> for se99 and commented out entries for sw10/sw00. --> this would give me
> dhcp running on my new bridge.
>
> After a dnsmasq restart dnsmasq.conf shows the dhcp ranges line with
> interface se99. (I was expecting to see br-se99 but maybe that file is
> alias aware, could be wrong here).
>
> After a network restart I lost connectivity on cable. Wireless was
> working.
>
> I played a tad more and eventually lost wifi as well and had to reflash
> the router via tftp/factory image (maybe there is a reset trick you could
> give me to avoid this step).
>
> Are you running cerowrt in bridge mode? If yes could you share your
> network/firewall/dhcp config? Is there another file I should have edited
> and missed?
>
> Cheers,
> V
>
>
> _______________________________________________
> Cerowrt-devel mailing listCerowrt-devel at lists.bufferbloat.nethttps://lists.bufferbloat.net/listinfo/cerowrt-devel
>
>
>
>
> _______________________________________________
> Cerowrt-devel mailing listCerowrt-devel at lists.bufferbloat.nethttps://lists.bufferbloat.net/listinfo/cerowrt-devel
>
>
>
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel at lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20140224/7e689c3f/attachment-0002.html>
More information about the Cerowrt-devel
mailing list