Hello, I'm new to the forum, although not new to Openwrt. But I have a simple question: With another router with a stock firmware, I was able to share files with my android phone, connecting to a server created by the phone. This is not working in OpenWrt 19.07.2. What might be the problem? I was able to do it once by changing some settings in the firewall, but I couldn't get it afterwards.
Check your firewall on you computer or other network devices. Windows tends to set a strict firewall (public mode) when it sees a new router. You would need to change it back to a trusted network before sharing would work properly.
File sharing on your lan has nothing to do with your router’s firewall unless you have created multiple sub networks/VLANs. so you may want to revert those changes and/or post them here for review (done incorrectly, your firewall changes could reduce your network security).
Thank you for your answer. I use Ubuntu 19.10, and the firewall is not active (the command "sudo ufw status" shows it as inactive).
And I haven't created any sub networks. I just accepted all traffic. You can see the general zone settings in this picture:
I don't know what may be causing this problem.
It is not clear to me which device shares the files, which device must access those files, and how are they connected.
How are the 2 devices connected to the network, physically? Are they both wired? One wired one WiFi? Or both wireless?
Could you check if you by chance have turned on
Client isolation for the Wi-Fi.
Are they the same phone and the same PC that were used on stock firmware? Is it safe to presume there is no issue with the file sharing protocol for the client?
Also taking one step back world be to test if the PC and the phone are able to ping each other.
Any device sharing the files will have this problem. For example, my android smartphone will create a server with the IP adress http://192.168.1.204:1234 , and my PC won't be able to connect to to it. Also, another PC running Ubuntu won't be able to connect with samba to a shared folder in my main laptop.
They are both connected wirelessly to the same router running Openwrt.
As @Hegabo mentioned, it may be client isolation. Can you check that?
Also verify that the correct IP addresses (and ports) are being used -- a new router/firmware may possibly allocate IP address via DHCP differently than the previous configuration.
Finally, we can review your config for any errors or options that might restrict connectivity.
Please post the output of the following commands. Remember to redact passwords, MAC adresses and any public IP addresses you may have:
cat /etc/config/network cat /etc/config/wireless cat /etc/config/dhcp cat /etc/config/firewall
I haven't checked client isolation:
I have also verified the IP addresses and ports, with http, ftp and samba protocols.
The ouput of the above commands are:
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option ula_prefix 'fd38:203e:e6ec::/48' config atm-bridge 'atm' option vpi '1' option vci '32' option encaps 'llc' option payload 'bridged' option nameprefix 'dsl' config dsl 'dsl' option annex 'a' option firmware '/lib/firmware/adsl.bin' config interface 'lan' option type 'bridge' option ifname 'eth0.1' option proto 'static' option ipaddr '192.168.1.1' option netmask '255.255.255.0' option ip6assign '60' config device 'lan_eth0_1_dev' option name 'eth0.1' option macaddr '*******************' config interface 'wan' option proto 'dhcp' option ifname 'br-lan' config device 'wan_dsl0_dev' option name 'dsl0' option macaddr '********************' config interface 'wan6' option ifname '@wan' option proto 'dhcpv6' config switch option name 'switch0' option reset '1' option enable_vlan '1' config switch_vlan option device 'switch0' option vlan '1' option ports '1 2 3 4 5t' **root@OpenWrt:~# cat /etc/config/wireless** config wifi-device 'radio0' option type 'mac80211' option channel '11' option hwmode '11g' option path 'pci0000:00/0000:00:0e.0' option htmode 'HT20' option country 'ES' config wifi-iface 'default_radio0' option device 'radio0' option network 'lan' option mode 'ap' option key '****************' option ssid 'WIFI' option encryption 'psk-mixed'
root@OpenWrt:~# cat /etc/config/dhcp
config dnsmasq option domainneeded '1' option localise_queries '1' option rebind_protection '1' option rebind_localhost '1' option local '/lan/' option domain 'lan' option expandhosts '1' option authoritative '1' option readethers '1' option leasefile '/tmp/dhcp.leases' option resolvfile '/tmp/resolv.conf.auto' option localservice '1' option enable_tftp '1' config dhcp 'lan' option interface 'lan' option start '100' option limit '150' option leasetime '12h' option dhcpv6 'server' option ra 'server' option ra_management '1' config dhcp 'wan' option interface 'wan' option ignore '1' config odhcpd 'odhcpd' option maindhcp '0' option leasefile '/tmp/hosts/odhcpd' option leasetrigger '/usr/sbin/odhcpd-update' option loglevel '4'
root@OpenWrt:~# cat /etc/config/firewall
config defaults option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' option syn_flood '1' config zone option name 'lan' list network 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' list device 'eth0.1' config zone option name 'wan' list network 'wan' list network 'wan6' option input 'REJECT' option output 'ACCEPT' option forward 'REJECT' option masq '1' option mtu_fix '1' config forwarding option src 'lan' option dest 'wan' config rule option name 'Allow-DHCP-Renew' option src 'wan' option proto 'udp' option dest_port '68' option target 'ACCEPT' option family 'ipv4' config rule option name 'Allow-Ping' option src 'wan' option proto 'icmp' option icmp_type 'echo-request' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-IGMP' option src 'wan' option proto 'igmp' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-DHCPv6' option src 'wan' option proto 'udp' option src_ip 'fc00::/6' option dest_ip 'fc00::/6' option dest_port '546' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-MLD' option src 'wan' option proto 'icmp' option src_ip 'fe80::/10' list icmp_type '130/0' list icmp_type '131/0' list icmp_type '132/0' list icmp_type '143/0' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Input' option src 'wan' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' list icmp_type 'router-solicitation' list icmp_type 'neighbour-solicitation' list icmp_type 'router-advertisement' list icmp_type 'neighbour-advertisement' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Forward' option src 'wan' option dest '*' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-IPSec-ESP' option src 'wan' option dest 'lan' option proto 'esp' option target 'ACCEPT' config rule option name 'Allow-ISAKMP' option src 'wan' option dest 'lan' option dest_port '500' option proto 'udp' option target 'ACCEPT' config include option path '/etc/firewall.user'
I am not seeing anything that looks out of the ordinary.
Are the two systems able to ping each other? Can they both ping the gateway (192.168.1.1)? Can they browse the internet normally through your network? Are there any other local resources on your network you can test for local connectivity (for example, can you test connecting to/from a wired machine)?
Aside from the basics (i.e. SSID name and password), have you made any changes or installed/upgraded any packages?
I don't think this is the problem, but I don't like it.
Good catch @Hegabo!
Both the PC and the smartphone can ping the gateway 192.168.1.1 without problems, but when I tried to ping one system from the other, the process of pinging froze in the terminal.
But suddenly, after pinging each other, the ping started to work and the problem has solved and I can connect to the server created by the smartphone.
This is weird because I don't know why it suddenly fixed itself. Thank you all of you who have helped me with this problem. If it happens again, I know that pinging each other will be the solution.
That could be an IP address conflict, check that you do not have two machines with the same IP address.