Problem making OpenNDS work

Hi all.

I try to set a splash page for my wifi visitors and I have trouble making OpenNDS work.
Here is my configuration :

  • Ubiquiti Edge Router X running OpenWRT 23.05
  • Edge Router X connected to a Unifi switch with Unifi AP exposing a wifi on interface named CLT_10 (br-lan.10)
  • OpenNDS 10.2.0-1 configured with :
config opennds
    option enabled 1
    option debuglevel '3'
    option fwhook_enabled '1'
    option gatewayinterface 'br-lan.10'

After restarting opennds (service opennds restart), it seems to be running :

$ service opennds status
running

When I connect to the wifi on br-lan.10, I am prompted to enter my wifi password but the splash page does not show. My internet access works as intended.

I checked the status of opennds :

$ ndsctl status
ndsctl: opennds probably not yet started (Error: No such file or directory)

Despite debuglevel being at '3', there is no info in the log file (/tmp/ndscids/ndsinfo) but :

tmpfsmountpoint="/tmp"
gatewaynamehtml="openNDS Node:7483c20e6984 "
gatewayaddress="192.168.10.1"
gatewayfqdn="status.client"
version=10.2.0

Any help will be greatly appreciated.

Hi.
It's been 3 weeks now and I am still stuck with OpenNDS.
Is there any one here to help me ?

Thanks in advance.

@bluewavenet any ideas ?

Seems obvious that it is not running.

Show the first hundred or so lines of:
service opennds restart; logread -e opennds -f

Hi.

I can see that it is not running but I don't understand why, as 'service opennds status' tells me otherwise (it returns 'running').

After running 'service opennds restart; logread -e opennds -f', the problems seems to be with the firewall rules but I can't figure out why.

Here is the output of the command :

Mon Apr  8 17:38:59 2024 daemon.info opennds[4794]: option enabled is [ 1 ]
Mon Apr  8 17:38:59 2024 daemon.notice opennds[4794]: openNDS Version 10.2.0 is in startup
Mon Apr  8 17:38:59 2024 daemon.info opennds[4794]: openNDS Version 10.2.0 is in startup - Please wait....
Mon Apr  8 17:38:59 2024 daemon.info opennds[4794]: option gatewayname is [ openNDS ]
Mon Apr  8 17:38:59 2024 daemon.notice opennds[4794]: The name of this gateway is openNDS
Mon Apr  8 17:38:59 2024 daemon.info opennds[4794]: option gatewayfqdn is [ status.client ]
Mon Apr  8 17:38:59 2024 daemon.info opennds[4794]: option statuspath is [ /usr/lib/opennds/client_params.sh ]
Mon Apr  8 17:38:59 2024 daemon.info opennds[4794]: option gatewayinterface is [ br-lan.10 ]
Mon Apr  8 17:39:00 2024 daemon.info opennds[4794]: option gateway_iprange is [ 0.0.0.0/0 ]
Mon Apr  8 17:39:00 2024 daemon.info opennds[4794]: option faskey is [ af9ce3a0f9003e46050a1d9431a33449bd71cf38c051d6e301c2c8ec835affc8 ]
Mon Apr  8 17:39:00 2024 daemon.info opennds[4794]: option log_mountpoint is [ /tmp ]
Mon Apr  8 17:39:00 2024 daemon.info opennds[4794]: option webroot is [ /etc/opennds/htdocs ]
Mon Apr  8 17:39:00 2024 daemon.info opennds[4794]: option authdir is [ opennds_auth ]
Mon Apr  8 17:39:00 2024 daemon.info opennds[4794]: option denydir is [ opennds_deny ]
Mon Apr  8 17:39:00 2024 daemon.info opennds[4794]: option preauthdir is [ opennds_preauth ]
Mon Apr  8 17:39:00 2024 daemon.info opennds[4794]: option ndsctl_sock is [ ndsctl.sock ]
Mon Apr  8 17:39:01 2024 daemon.info opennds[4794]: option authentication_mark is [ 0x00030000 ]
Mon Apr  8 17:39:01 2024 daemon.info opennds[4794]: option binauth is [ /usr/lib/opennds/binauth_log.sh ]
Mon Apr  8 17:39:01 2024 daemon.info opennds[4794]: option faspath is [ / ]
Mon Apr  8 17:39:01 2024 daemon.info opennds[4794]: option themespec_path is [  ]
Mon Apr  8 17:39:01 2024 daemon.info opennds[4794]: option fasremoteip is [  ]
Mon Apr  8 17:39:01 2024 daemon.info opennds[4794]: option fasremotefqdn is [ disabled ]
Mon Apr  8 17:39:01 2024 daemon.info opennds[4794]: option fas_ssl is [ wget ]
Mon Apr  8 17:39:02 2024 daemon.info opennds[4794]: option debuglevel is [ 3 ]
Mon Apr  8 17:39:02 2024 daemon.debug opennds[4794]: safe_snprintf: [ 47 ]
...
...
...                                                                                                                                                
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh clean                                                        
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: command output: [/tmp]                                                                                         
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: safe_snprintf: [ 16 ]                                                                                          
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh "pad_string" "left" "00000000" "30000"                       
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: command output: [00030000]                                                                                     
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Authentication mark: 0x00030000                                                                                
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/dnsconfig.sh "revert"                                                      
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: command output: [done]                                                                                         
Mon Apr  8 17:39:08 2024 daemon.info opennds[4794]: Revert request sent                                                                                             
Mon Apr  8 17:39:08 2024 daemon.info opennds[4794]: tmpfs mountpoint is [/tmp]                                                                                      
Mon Apr  8 17:39:08 2024 daemon.notice opennds[4794]: MHD version is 0.9.75                                                                                         
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh gatewayroute "br-lan.10"                                     
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: command output: [online:192.168.1.1,eth0 ]                                                                     
Mon Apr  8 17:39:08 2024 daemon.notice opennds[4794]: Number of Upstream gateway(s) [ 1 ]                                                                           
Mon Apr  8 17:39:08 2024 daemon.notice opennds[4794]: Upstream gateway(s) [ online:192.168.1.1,eth0  ]                                                              
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Online Status [ 1 ]                                                                                            
Mon Apr  8 17:39:08 2024 daemon.notice opennds[4794]: Preemptive authentication is enabled                                                                          
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: safe_snprintf: [ 71 ]                                                                                          
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/dnsconfig.sh "hostconf" "192.168.10.1" "status.client"                     
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: command output: [done]                                                                                         
Mon Apr  8 17:39:08 2024 daemon.info opennds[4794]: Client status Page: Configured                                                                                  
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Enabling RFC8910 support                                                                                       
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: safe_snprintf: [ 56 ]                                                                                          
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/dnsconfig.sh "cpidconf" "status.client"                                    
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: command output: [done]                                                                                         
Mon Apr  8 17:39:08 2024 daemon.info opennds[4794]: RFC8910 support is enabled                                                                                      
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: safe_snprintf: [ 45 ]                                                                                          
Mon Apr  8 17:39:08 2024 daemon.debug opennds[4794]: restart command [ /usr/lib/opennds/dnsconfig.sh "restart_only"  ]                                              
Mon Apr  8 17:39:08 2024 daemon.info opennds[4794]: Dnsmasq restarting                                                                                              
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh gatewayid "br-lan.10"                                        
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: Reading command output                                        Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: command output: [602232436ffc]                                                                                 
Mon Apr  8 17:39:09 2024 daemon.notice opennds[4794]: Adding Serial Number suffix [602232436ffc] to gatewayname                                                     
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: HTML Entity encoded string: openNDS Node:602232436ffc , length: 26                                             
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: URL encoded string: openNDS%20Node%3a602232436ffc%20, length: 32                                               
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: Operating System Uptime: 2825 seconds                                                                          
Mon Apr  8 17:39:09 2024 daemon.info opennds[4794]: main: System Uptime is 2825 seconds                                                                             
Mon Apr  8 17:39:09 2024 daemon.info opennds[4794]: Setting started_time                                                                                            
Mon Apr  8 17:39:09 2024 daemon.info opennds[4794]: MHD Handle [2010844016]                                                                                         
Mon Apr  8 17:39:09 2024 daemon.notice opennds[4794]: Created web server on 192.168.10.1:2050                                                                       
Mon Apr  8 17:39:09 2024 daemon.notice opennds[4794]: Maximum Html Page size is [ 10240 ] Bytes                                                                     
Mon Apr  8 17:39:09 2024 daemon.notice opennds[4794]: Socket access at /tmp/ndsctl.sock                                                                             
Mon Apr  8 17:39:09 2024 daemon.notice opennds[4794]: Click to Continue option is Enabled.                                                                          
Mon Apr  8 17:39:09 2024 daemon.notice opennds[4794]: Preauth is Enabled - Overriding FAS configuration.                                                            
Mon Apr  8 17:39:09 2024 daemon.info opennds[4794]: Preauth Script is /usr/lib/opennds/libopennds.sh                                                                
Mon Apr  8 17:39:09 2024 daemon.info opennds[4794]: fas_secure_enabled is set to level 1                                                                            
Mon Apr  8 17:39:09 2024 daemon.info opennds[4794]: fasremoteip - 192.168.10.1 - is a valid IPv4 address...                                                         
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: Executing command: printf 'test' | sha256sum                                                                   
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: command output: [9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08  - ]                         
Mon Apr  8 17:39:09 2024 daemon.notice opennds[4794]: sha256sum provider is available                                                                               
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: safe_snprintf: [ 42 ]                                                                                          
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: fasurl (fqdn) is http://status.client:2050/opennds_preauth/                                                    
Mon Apr  8 17:39:09 2024 daemon.info opennds[4794]: FAS FQDN is: status.client                                                                                      
Mon Apr  8 17:39:09 2024 daemon.notice opennds[4794]: Forwarding Authentication is Enabled.                                                                         
Mon Apr  8 17:39:09 2024 daemon.notice opennds[4794]: Binauth is Enabled.                                                                                           
Mon Apr  8 17:39:09 2024 daemon.info opennds[4794]: Binauth Script is /usr/lib/opennds/binauth_log.sh                                                               
Mon Apr  8 17:39:09 2024 daemon.debug opennds[4794]: SIGCHLD handler: Process PID 7450 exited due to signal 15                                                      
Mon Apr  8 17:39:11 2024 daemon.debug opennds[4794]: safe_snprintf: [ 47 ]                                                                                          
Mon Apr  8 17:39:11 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh "debuglevel" "3"                                             
Mon Apr  8 17:39:11 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: command output: [3]                                                                                            
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: debuglevel [3] signaled to externals - [3] acknowledged                                                        
Mon Apr  8 17:39:12 2024 daemon.notice opennds[4794]: Externals flagged with debuglevel 3.                                                                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh write ndsinfo '/tmp' 'tmpfsmountpoint="/tmp"'                
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: command output: [done]                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh write ndsinfo '/tmp' 'gatewaynamehtml="openNDS Node:602232436
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: command output: [done]                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh write ndsinfo '/tmp' 'gatewayaddress="192.168.10.1"'         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: command output: [done]                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh write ndsinfo '/tmp' 'gatewayfqdn="status.client"'           
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: command output: [done]                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh write ndsinfo '/tmp' 'version=10.2.0'                        
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: command output: [done]                                                                                         
Mon Apr  8 17:39:12 2024 daemon.notice opennds[4794]: Initializing firewall rules                                                                                   
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Locking config                                                                                                 
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Config locked                                                                                                  
Mon Apr  8 17:39:12 2024 daemon.info opennds[4794]: fas_remotefqdn [ status.client ]                          Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Unlocking config                                                                                               
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Config unlocked                                                                                                
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables mark Preauthenticated: 0x0                                                                            
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables mark Authenticated: 0x30000                                                                           
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Inftables mark Trusted: 0x20000                                                                                
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_mangle ndsTRU                                                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_mangle ndsTRU ], iteration [ 0 ]return code [ 0 ]                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_mangle ndsINC                                                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_mangle ndsINC ], iteration [ 0 ]return code [ 0 ]                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_mangle ndsDLR                                                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_mangle ndsDLR ], iteration [ 0 ]return code [ 0 ]                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_mangle ndsOUT                                                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_mangle ndsOUT ], iteration [ 0 ]return code [ 0 ]                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft insert rule ip nds_mangle ndsPRE iifname "br-lan.10" counter jump ndsOUT                
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ insert rule ip nds_mangle ndsPRE iifname "br-lan.10" counter jump ndsOUT ], iteration [ 0 ]r
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft insert rule ip nds_mangle ndsPRE iifname "br-lan.10" counter jump ndsTRU                
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ insert rule ip nds_mangle ndsPRE iifname "br-lan.10" counter jump ndsTRU ], iteration [ 0 ]r
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft insert rule ip nds_mangle ndsPOST oifname "br-lan.10" counter jump ndsINC               
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ insert rule ip nds_mangle ndsPOST oifname "br-lan.10" counter jump ndsINC ], iteration [ 0 ]
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft insert rule ip nds_mangle ndsINC oifname "br-lan.10" counter jump nds_ft_INC            
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ insert rule ip nds_mangle ndsINC oifname "br-lan.10" counter jump nds_ft_INC ], iteration [ 
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft insert rule ip nds_mangle ndsINC oifname "br-lan.10" counter jump ndsDLR                
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ insert rule ip nds_mangle ndsINC oifname "br-lan.10" counter jump ndsDLR ], iteration [ 0 ]r
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_nat ndsOUT                                                             
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_nat ndsOUT ], iteration [ 0 ]return code [ 0 ]                             
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft insert rule ip nds_nat ndsPRE iifname "br-lan.10" counter jump ndsOUT                   
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ insert rule ip nds_nat ndsPRE iifname "br-lan.10" counter jump ndsOUT ], iteration [ 0 ]retu
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_nat ndsOUT mark and 0x30000 == 0x20000 counter return                   
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_nat ndsOUT mark and 0x30000 == 0x20000 counter return ], iteration [ 0 ]retu
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_nat ndsOUT mark and 0x30000 == 0x30000 counter return                   
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_nat ndsOUT mark and 0x30000 == 0x30000 counter return ], iteration [ 0 ]retu
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_nat ndsOUT ip daddr status.client tcp dport 2050 counter accept         
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_nat ndsOUT ip daddr status.client tcp dport 2050 counter accept ], iteration
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_nat ndsOUT tcp dport 80 counter dnat to 192.168.10.1:2050               
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_nat ndsOUT tcp dport 80 counter dnat to 192.168.10.1:2050 ], iteration [ 0 ]
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_nat ndsOUT counter accept                                               
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_nat ndsOUT counter accept ], iteration [ 0 ]return code [ 0 ]               
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft insert rule ip nds_nat ndsOUT ip daddr 192.168.10.1 tcp dport 80 counter redirect to :20
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ insert rule ip nds_nat ndsOUT ip daddr 192.168.10.1 tcp dport 80 counter redirect to :2050 ]
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_filter ndsNET                                                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_filter ndsNET ], iteration [ 0 ]return code [ 0 ]                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_filter ndsRTR                                                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_filter ndsRTR ], iteration [ 0 ]return code [ 0 ]                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_filter ndsAUT                                                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_filter ndsAUT ], iteration [ 0 ]return code [ 0 ]                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_filter ndsULR                                                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_filter ndsULR ], iteration [ 0 ]return code [ 0 ]                          
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add chain ip nds_filter nds_ft_OUT                                                      
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ add chain ip nds_filter nds_ft_OUT ], iteration [ 0 ]return code [ 0 ]                      
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft insert rule ip nds_filter ndsINP iifname "br-lan.10" counter jump ndsRTR                
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: nftables command [ insert rule ip nds_filter ndsINP iifname "br-lan.10" counter jump ndsRTR ], iteration [ 0 ]r
Mon Apr  8 17:39:12 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsRTR ct state invalid counter drop           
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsRTR ct state invalid counter drop ], iteration [ 0 ]return code [ 
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsRTR tcp dport 2050 counter accept                             
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsRTR tcp dport 2050 counter accept ], iteration [ 0 ]return code [ 
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft insert rule ip nds_filter ndsFWD iifname "br-lan.10" counter jump ndsNET                
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ insert rule ip nds_filter ndsFWD iifname "br-lan.10" counter jump ndsNET ], iteration [ 0 ]r
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsNET ct state invalid counter drop                             
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsNET ct state invalid counter drop ], iteration [ 0 ]return code [ 
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsNET ip daddr status.client tcp dport 2050 counter accept      
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsNET ip daddr status.client tcp dport 2050 counter accept ], iterat
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsNET mark and 0x30000 == 0x20000 counter accept                
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsNET mark and 0x30000 == 0x20000 counter accept ], iteration [ 0 ]r
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsNET mark and 0x30000 == 0x30000 counter goto ndsAUT           
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsNET mark and 0x30000 == 0x30000 counter goto ndsAUT ], iteration [
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsAUT counter jump ndsULR                                       
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsAUT counter jump ndsULR ], iteration [ 0 ]return code [ 0 ]       
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsAUT counter jump nds_ft_OUT                                   
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsAUT counter jump nds_ft_OUT ], iteration [ 0 ]return code [ 0 ]   
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsAUT counter accept                                            
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsAUT counter accept ], iteration [ 0 ]return code [ 0 ]            
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: nft add rule ip nds_filter ndsNET counter reject                                            
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: nftables command [ add rule ip nds_filter ndsNET counter reject ], iteration [ 0 ]return code [ 0 ]            
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: safe_snprintf: [ 46 ]                                                                                          
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: restart command [ /usr/lib/opennds/dnsconfig.sh "restart_only" & ]                                             
Mon Apr  8 17:39:13 2024 daemon.info opennds[4794]: Dnsmasq restarted                                                                                               
Mon Apr  8 17:39:13 2024 daemon.err opennds[4794]: Error initializing firewall rules! Cleaning up                                                                   
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Destroying our nftables entries                                                                                
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Executing command: /usr/lib/opennds/libopennds.sh "delete_chains"                                              
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: Reading command output                                                                                         
Mon Apr  8 17:39:13 2024 daemon.debug opennds[4794]: command output: []                                                                                             
Mon Apr  8 17:39:13 2024 daemon.info opennds[4794]: Chain delete request sent                                                                                       
Mon Apr  8 17:39:13 2024 daemon.err opennds[4794]: Exiting because of error initializing firewall rules 

It is failing because openNDS is unable to resolve the gatewayfqdn.
By default this is status.client and should resolve to the ipv4 address of gatewayinterface (br-lan.10)

1 Like

same problem here.not working.

"not working" is what your issue have in common with OPs ?