Firewall blocks Lan port on reboot, every time

I'm using the X86 ImmortalWRT fork of openWRT.

This is my first attempt at setting up my own router so I know pretty much zero about the software. I thought that I'd set everything up on a demo network away from my Lan. It all looked good, so I powered it down and put it in place, but nothing worked. I couldn't access the Gui, or ping the Lan port, and there was no through traffic from the WAN port. But it showed up on a port scanner with the correct IP address. Yet it wouldn't talk to anything and nothing would talk to it on with the WAN or LAN ports.

After Googling so many different things that I simply cannot remember everything that tried or every change that I made (using the console as this was the only way to access anything) over the next 48 hours I finally narrowed the problem down to the firewall.

By disabling the firewall I can access the LAN port and the GUI, as well as SSH.

/etc/init.d/firewall stop

/etc/init.d/firewall disable

This lets me back in via ssh. However, whenever I reboot or power down I get the exact same problem. Zero ping, zero SSH, zero gui, and I need to disable the firewall all over again.

I didn't consciously set up anything or on the firewall or many any changes.

Also, my LAN and WAN ports appear to have reversed. My LAN was a USB dongle (Eth0), and my WAN was the onboard NIC (Eth1). When I rebooted the Lan port was the onboard NIC (Calling self Eth0 'br-lan') and my USB dongle was the WAN port (Eth1).

Both are wired ethernet.

wan and lan settings946×722 32.5 KB

Can anyone help?

A word of warning. I know zero about Openwrt, if you'd like me to post a config or a log file, please could you tell me exactly what I need to type.

I don't know where to find most settings, total beginner. I did all of my networking on Windows or Netware. Zero Linux. I don't know the first thing about using it.

It appears you are using firmware that is not from the official OpenWrt project.

When using forks/offshoots/vendor-specific builds that are "based on OpenWrt", there may be many differences compared to the official versions (hosted by OpenWrt.org). Some of these customizations may fundamentally change the way that OpenWrt works. You might need help from people with specific/specialized knowledge about the firmware you are using, so it is possible that advice you get here may not be useful.

You may find that the best options are:

1. Install an official version of OpenWrt, if your device is supported (see https://firmware-selector.openwrt.org).
2. Ask for help from the maintainer(s) or user community of the specific firmware that you are using.
3. Provide the source code for the firmware so that users on this forum can understand how your firmware works (OpenWrt forum users are volunteers, so somebody might look at the code if they have time and are interested in your issue).

If you believe that this specific issue is common to generic/official OpenWrt and/or the maintainers of your build have indicated as such, please feel free to clarify.

This looks like a mistake that I made, not a bug in ImmortalWRT. This is the more knowledgeable forum in that regard.

Maybe... but ImmortalWRT is not the same as OpenWrt.

If you have questions (even if they are user configs/errors) when using ImmortalWRT --> Ask ImmortalWRT.

If you have questions about official OpenWrt, we can help you here. OpenWrt does support x86, so you can install that and we can help you.

Can we at least try to determine that this isn't a generic issue?

Their main forum is on Git, and accessing it is problematic right now. I'd rather steer clear.

We do not support forks like ImmortalWRT or others. Full stop.

When a fork is created, it is their responsibility to support their users. They are the only ones who know the changes they have made and how it may affect the operation of the system.

Feel free to install the real OpenWrt, though.

Can you at least recommend a forum, not Git.

Again, those are questions for the maintainers of the fork you are using.

I don't know what kind of disagreement that you're having with them, or why it's such a problem to recommend another forum, but please don't take it out on me.

It's get BMW to fix your Lexus, for free, kind of disagreement.

It's not a disagreement. It's about who knows the code in their product and is thus responsible for support.

It's no different than GL-Inet who famously uses their own custom fork of OpenWrt with a huge number of changes. They are responsible for supporting their product, as they created it and thy are also the ones familiar with the changes that they have made and how it impacts the operation. We don't support that here, either.

I'm sorry if you feel that way -- that was not the intent. Rather, we invite you to use official OpenWrt and we can help you here. Or you can continue to use another project -- totally valid -- but you need to reach out to them for support.

It amazes me how users of non-OpenWrt software identify a confrontation when they ask another community/forum about something they didn’t create or distribute - and even identify the (unaffiliated) community as disagreeable. It's so baffling.

(Sometimes, it makes me wanna call Micro$oft and try to get them to support Red H@t for free.)