Lan file share not working

jalmado · April 28, 2020, 9:55pm

Hello, I'm new to the forum, although not new to Openwrt. But I have a simple question: With another router with a stock firmware, I was able to share files with my android phone, connecting to a server created by the phone. This is not working in OpenWrt 19.07.2. What might be the problem? I was able to do it once by changing some settings in the firewall, but I couldn't get it afterwards.

psherman · April 28, 2020, 10:53pm

Check your firewall on you computer or other network devices. Windows tends to set a strict firewall (public mode) when it sees a new router. You would need to change it back to a trusted network before sharing would work properly.

File sharing on your lan has nothing to do with your router’s firewall unless you have created multiple sub networks/VLANs. so you may want to revert those changes and/or post them here for review (done incorrectly, your firewall changes could reduce your network security).

jalmado · April 29, 2020, 9:50am

Thank you for your answer. I use Ubuntu 19.10, and the firewall is not active (the command "sudo ufw status" shows it as inactive).

And I haven't created any sub networks. I just accepted all traffic. You can see the general zone settings in this picture:

I don't know what may be causing this problem.

eduperez · April 29, 2020, 11:53am

It is not clear to me which device shares the files, which device must access those files, and how are they connected.

psherman · April 29, 2020, 3:11pm

How are the 2 devices connected to the network, physically? Are they both wired? One wired one WiFi? Or both wireless?

Hegabo · April 29, 2020, 3:30pm

Could you check if you by chance have turned on Client isolation for the Wi-Fi.

Are they the same phone and the same PC that were used on stock firmware? Is it safe to presume there is no issue with the file sharing protocol for the client?

Also taking one step back world be to test if the PC and the phone are able to ping each other.

jalmado · April 29, 2020, 9:05pm

Any device sharing the files will have this problem. For example, my android smartphone will create a server with the IP adress http://192.168.1.204:1234 , and my PC won't be able to connect to to it. Also, another PC running Ubuntu won't be able to connect with samba to a shared folder in my main laptop.

jalmado · April 29, 2020, 9:06pm

They are both connected wirelessly to the same router running Openwrt.

psherman · April 29, 2020, 10:04pm

As @Hegabo mentioned, it may be client isolation. Can you check that?

Also verify that the correct IP addresses (and ports) are being used -- a new router/firmware may possibly allocate IP address via DHCP differently than the previous configuration.

Finally, we can review your config for any errors or options that might restrict connectivity.

Please post the output of the following commands. Remember to redact passwords, MAC adresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

jalmado · April 29, 2020, 10:41pm

I haven't checked client isolation:

I have also verified the IP addresses and ports, with http, ftp and samba protocols.

The ouput of the above commands are:

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd38:203e:e6ec::/48'

config atm-bridge 'atm'
	option vpi '1'
	option vci '32'
	option encaps 'llc'
	option payload 'bridged'
	option nameprefix 'dsl'

config dsl 'dsl'
	option annex 'a'
	option firmware '/lib/firmware/adsl.bin'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device 'lan_eth0_1_dev'
	option name 'eth0.1'
	option macaddr '*******************'

config interface 'wan'
	option proto 'dhcp'
	option ifname 'br-lan'

config device 'wan_dsl0_dev'
	option name 'dsl0'
	option macaddr '********************'

config interface 'wan6'
	option ifname '@wan'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 5t'

**root@OpenWrt:~# cat /etc/config/wireless**

config wifi-device 'radio0'
	option type 'mac80211'
	option channel '11'
	option hwmode '11g'
	option path 'pci0000:00/0000:00:0e.0'
	option htmode 'HT20'
	option country 'ES'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option key '****************'
	option ssid 'WIFI'
	option encryption 'psk-mixed'

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option localservice '1'
	option enable_tftp '1'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

root@OpenWrt:~# cat /etc/config/firewall

config defaults
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option syn_flood '1'

config zone
	option name 'lan'
	list network 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	list device 'eth0.1'

config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config include
	option path '/etc/firewall.user'

psherman · April 29, 2020, 10:49pm

I am not seeing anything that looks out of the ordinary.

Are the two systems able to ping each other? Can they both ping the gateway (192.168.1.1)? Can they browse the internet normally through your network? Are there any other local resources on your network you can test for local connectivity (for example, can you test connecting to/from a wired machine)?

Aside from the basics (i.e. SSID name and password), have you made any changes or installed/upgraded any packages?

Hegabo · April 29, 2020, 11:08pm

I don't think this is the problem, but I don't like it.

psherman · April 29, 2020, 11:08pm

Good catch @Hegabo!

jalmado · April 30, 2020, 12:02pm

Both the PC and the smartphone can ping the gateway 192.168.1.1 without problems, but when I tried to ping one system from the other, the process of pinging froze in the terminal.

But suddenly, after pinging each other, the ping started to work and the problem has solved and I can connect to the server created by the smartphone.

This is weird because I don't know why it suddenly fixed itself. Thank you all of you who have helped me with this problem. If it happens again, I know that pinging each other will be the solution.

eduperez · April 30, 2020, 7:27pm

That could be an IP address conflict, check that you do not have two machines with the same IP address.