strange thing happens here.
every time my ONT reboots, the openwrt router on ipv4 Wan gets a ip in the range of 10.15.XX.XXX
i know this ip is related to VLAN 220 and used for VOIP.
if i restart the interface, a normal internet ip in the range of 177.153.X.XXX returns and ipv4 connection works. If i sucessive restart the interface, i always get internet IP instead of VOIP, only the boot return a VOIP IP range.
any1 know a way to solve this?
where do i put these commands?
any way i can use Luci interface for it?
thank you very much
would be nice if Luci has a interface for setting up exclude ip ranges like this command.
after a couple days of testing, i noticed that this command did not work, unfortunately
this is the result
==> /etc/hotplug.d/iface/00-netstate <==
[ ifup = "$ACTION" ] && {
uci_toggle_state network "$INTERFACE" up 1
[ -n "$DEVICE" ] && {
uci_toggle_state network "$INTERFACE" ifname "$DEVICE"
}
}
==> /etc/hotplug.d/iface/11-sqm <==
#!/bin.sh
. /lib/functions.sh
[ -n "$DEVICE" ] || exit 0
list_ports() {
local section
local find_name
local devname
section="$1"
find_name="$2"
devname=$(config_get "$section" "name")
[ "$devname" = "$find_name" ] || return
config_get "$section" "ports"
}
ports_for_device() {
local devname
devname=$1
[ -z "$devname" ] && return
config_load network
config_foreach list_ports device "$devname"
}
ALL_DEVICES=$(echo $DEVICE $(uci -q get network.$INTERFACE.ifname) $(ports_for_device $(uci -q get network.$INTERFACE.device)) | tr ' ' '\n' | sort -u)
restart_sqm() {
for dev in $ALL_DEVICES; do
/usr/lib/sqm/run.sh stop $dev
/usr/lib/sqm/run.sh start $dev
done
}
[ "$ACTION" = ifup ] && /etc/init.d/sqm enabled && restart_sqm
if [ "$ACTION" = ifdown ]; then
for dev in $ALL_DEVICES; do
/usr/lib/sqm/run.sh stop $dev
done
fi
==> /etc/hotplug.d/iface/20-firewall <==
#!/bin/sh
has_zone() {
fw4 -q network "$INTERFACE" >/dev/null && return 0
eval $(ubus call "network.interface.$INTERFACE" status | jsonfilter -e 'ZONE=@.data.zone')
fw4 -q zone "$ZONE" >/dev/null
}
[ "$ACTION" = ifup -o "$ACTION" = ifupdate ] || exit 0
[ "$ACTION" = ifupdate -a -z "$IFUPDATE_ADDRESSES" -a -z "$IFUPDATE_DATA" ] && exit 0
/etc/init.d/firewall enabled || exit 0
has_zone || exit 0
logger -t firewall "Reloading firewall due to $ACTION of $INTERFACE ($DEVICE)"
fw4 -q reload
==> /etc/hotplug.d/online/10-wan-ipaddr <==
. /lib/functions/network.sh
network_flush_cache
network_find_wan WAN_IF
network_get_ipaddr WAN_ADDR "${WAN_IF}"
if [ "${WAN_IF}" != "${INTERFACE}" ]
then exit 0
fi
case ${WAN_ADDR} in
(10.*|192.168.*) ;;
(*) exit 0 ;;
esac
sleep 10
ifup ${INTERFACE}
head: /etc/udhcpc.user.d/*: No such file or directory
root@OpenWrt:~#
what is this? a pkg to download and install?
i pasted that code on my router via SSH, still not functioning. if i reboot ISP modem at bridge, first IP that openwrt gets is the VOIP range of 10.XXX.X.XX
same thing happened if i reboot ISP modem and Openwrt Router, still need to restart WAN interface after obtaining the first VOIP IP to get a internet IP on ipv4.
btw how can i remove that hotplug config to return back to default settings?
can you point me out the code i have to paste into SSH? im really newbie into openwrt configuration
this is the result
root@OpenWrt:~# uci show network; uci show dhcp; uci show firewall
network.loopback=interface
network.loopback.device='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.packet_steering='1'
network.@device[0]=device
network.@device[0].name='br-lan'
network.@device[0].type='bridge'
network.@device[0].ports='lan1' 'lan2' 'lan3' 'lan4'
network.lan=interface
network.lan.device='br-lan'
network.lan.proto='static'
network.lan.ipaddr='192.168.2.1'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='64'
network.lan.defaultroute='0'
network.lan.delegate='0'
network.lan.ip6hint='5'
network.lan.ip6ifaceid='::99'
network.wan=interface
network.wan.device='wan'
network.wan.proto='dhcp'
network.wan.peerdns='0'
network.wan.dns='1.1.1.1' '1.0.0.1'
network.wan6=interface
network.wan6.device='wan'
network.wan6.proto='dhcpv6'
network.wan6.reqaddress='try'
network.wan6.reqprefix='auto'
network.wan6.peerdns='0'
network.wan6.dns='2606:4700:4700::1111' '2606:4700:4700::1001'
network.ONT=interface
network.ONT.proto='static'
network.ONT.device='@wan'
network.ONT.ipaddr='192.168.1.2'
network.ONT.netmask='255.255.255.0'
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].cachesize='1000'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.d/resolv.conf.auto'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].ednspacket_max='1232'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv4='server'
dhcp.lan.ra='server'
dhcp.lan.dhcpv6='server'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
dhcp.odhcpd.loglevel='4'
firewall.@defaults[0]=defaults
firewall.@defaults[0].input='REJECT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='REJECT'
firewall.@defaults[0].synflood_protect='1'
firewall.@defaults[0].flow_offloading='1'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].network='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].input='REJECT'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].forward='REJECT'
firewall.@zone[1].mtu_fix='1'
firewall.@zone[1].network='ONT' 'wan' 'wan6'
firewall.@zone[1].masq='1'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
firewall.@rule[0]=rule
firewall.@rule[0].name='Allow-DHCP-Renew'
firewall.@rule[0].src='wan'
firewall.@rule[0].proto='udp'
firewall.@rule[0].dest_port='68'
firewall.@rule[0].target='ACCEPT'
firewall.@rule[0].family='ipv4'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-Ping'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='icmp'
firewall.@rule[1].icmp_type='echo-request'
firewall.@rule[1].family='ipv4'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-IGMP'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='igmp'
firewall.@rule[2].family='ipv4'
firewall.@rule[2].target='ACCEPT'
firewall.@rule[3]=rule
firewall.@rule[3].name='Allow-DHCPv6'
firewall.@rule[3].src='wan'
firewall.@rule[3].proto='udp'
firewall.@rule[3].dest_port='546'
firewall.@rule[3].family='ipv6'
firewall.@rule[3].target='ACCEPT'
firewall.@rule[4]=rule
firewall.@rule[4].name='Allow-MLD'
firewall.@rule[4].src='wan'
firewall.@rule[4].proto='icmp'
firewall.@rule[4].src_ip='fe80::/10'
firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0'
firewall.@rule[4].family='ipv6'
firewall.@rule[4].target='ACCEPT'
firewall.@rule[5]=rule
firewall.@rule[5].name='Allow-ICMPv6-Input'
firewall.@rule[5].src='wan'
firewall.@rule[5].proto='icmp'
firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-solicitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertisement'
firewall.@rule[5].limit='1000/sec'
firewall.@rule[5].family='ipv6'
firewall.@rule[5].target='ACCEPT'
firewall.@rule[6]=rule
firewall.@rule[6].name='Allow-ICMPv6-Forward'
firewall.@rule[6].src='wan'
firewall.@rule[6].dest='*'
firewall.@rule[6].proto='icmp'
firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type'
firewall.@rule[6].limit='1000/sec'
firewall.@rule[6].family='ipv6'
firewall.@rule[6].target='ACCEPT'
firewall.@rule[7]=rule
firewall.@rule[7].name='Allow-IPSec-ESP'
firewall.@rule[7].src='wan'
firewall.@rule[7].dest='lan'
firewall.@rule[7].proto='esp'
firewall.@rule[7].target='ACCEPT'
firewall.@rule[8]=rule
firewall.@rule[8].name='Allow-ISAKMP'
firewall.@rule[8].src='wan'
firewall.@rule[8].dest='lan'
firewall.@rule[8].dest_port='500'
firewall.@rule[8].proto='udp'
firewall.@rule[8].target='ACCEPT'
root@OpenWrt:~# ip address show; ip route show table all; ip rule show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1504 qdisc mq state UP qlen 1000
link/ether b4:b0:24:82:34:f6 brd ff:ff:ff:ff:ff:ff
inet6 fe80::b6b0:24ff:fe82:34f6/64 scope link
valid_lft forever preferred_lft forever
3: wan@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc tbf state UP qlen 1000
link/ether b4:b0:24:82:34:f6 brd ff:ff:ff:ff:ff:ff
inet 10.22.158.4/21 brd 10.22.159.255 scope global wan
valid_lft forever preferred_lft forever
inet 192.168.1.2/24 brd 192.168.1.255 scope global wan
valid_lft forever preferred_lft forever
inet6 2804:d41:375:1d9::1/128 scope global dynamic noprefixroute
valid_lft 3571sec preferred_lft 3571sec
inet6 fe80::b6b0:24ff:fe82:34f6/64 scope link
valid_lft forever preferred_lft forever
4: lan1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP qlen 1000
link/ether b4:b0:24:82:34:f6 brd ff:ff:ff:ff:ff:ff
5: lan2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP qlen 1000
link/ether b4:b0:24:82:34:f6 brd ff:ff:ff:ff:ff:ff
6: lan3@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP qlen 1000
link/ether b4:b0:24:82:34:f6 brd ff:ff:ff:ff:ff:ff
7: lan4@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br-lan state LOWERLAYERDOWN qlen 1000
link/ether b4:b0:24:82:34:f6 brd ff:ff:ff:ff:ff:ff
19: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether b4:b0:24:82:34:f6 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.1/24 brd 192.168.2.255 scope global br-lan
valid_lft forever preferred_lft forever
inet6 2804:d41:c31e:bb05::99/64 scope global dynamic noprefixroute
valid_lft 3571sec preferred_lft 3571sec
inet6 fe80::b6b0:24ff:fe82:34f6/64 scope link
valid_lft forever preferred_lft forever
20: phy0-ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP qlen 1000
link/ether b4:b0:24:82:34:f7 brd ff:ff:ff:ff:ff:ff
inet6 fe80::b6b0:24ff:fe82:34f7/64 scope link
valid_lft forever preferred_lft forever
21: phy1-ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP qlen 1000
link/ether b4:b0:24:82:34:f8 brd ff:ff:ff:ff:ff:ff
inet6 fe80::b6b0:24ff:fe82:34f8/64 scope link
valid_lft forever preferred_lft forever
44: ifb4wan: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc tbf state UNKNOWN qlen 32
link/ether ea:b1:3f:24:37:1d brd ff:ff:ff:ff:ff:ff
inet6 fe80::e8b1:3fff:fe24:371d/64 scope link
valid_lft forever preferred_lft forever
default via 10.22.152.1 dev wan src 10.22.158.4
10.22.152.0/21 dev wan scope link src 10.22.158.4
192.168.1.0/24 dev wan scope link src 192.168.1.2
192.168.2.0/24 dev br-lan scope link src 192.168.2.1
local 10.22.158.4 dev wan table local scope host src 10.22.158.4
broadcast 10.22.159.255 dev wan table local scope link src 10.22.158.4
local 127.0.0.0/8 dev lo table local scope host src 127.0.0.1
local 127.0.0.1 dev lo table local scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link src 127.0.0.1
local 192.168.1.2 dev wan table local scope host src 192.168.1.2
broadcast 192.168.1.255 dev wan table local scope link src 192.168.1.2
local 192.168.2.1 dev br-lan table local scope host src 192.168.2.1
broadcast 192.168.2.255 dev br-lan table local scope link src 192.168.2.1
default from 2804:d41:375:1d9::1 via fe80::a67b:2cff:fe4d:ee1f dev wan metric 512
default from 2804:d41:c31e:bb00::/56 via fe80::a67b:2cff:fe4d:ee1f dev wan metric 512
2804:d41:c31e:bb05::/64 dev br-lan metric 256 expires 0sec
2804:d41:c31e:bb05::/64 dev br-lan metric 1024
unreachable 2804:d41:c31e:bb00::/56 dev lo metric 2147483647
fe80::/64 dev eth0 metric 256
fe80::/64 dev br-lan metric 256
fe80::/64 dev phy0-ap0 metric 256
fe80::/64 dev wan metric 256
fe80::/64 dev phy1-ap0 metric 256
fe80::/64 dev ifb4wan metric 256
local ::1 dev lo table local metric 0
local 2804:d41:375:1d9::1 dev wan table local metric 0
anycast 2804:d41:c31e:bb05:: dev br-lan table local metric 0
local 2804:d41:c31e:bb05::99 dev br-lan table local metric 0
anycast fe80:: dev eth0 table local metric 0
anycast fe80:: dev br-lan table local metric 0
anycast fe80:: dev phy0-ap0 table local metric 0
anycast fe80:: dev wan table local metric 0
anycast fe80:: dev phy1-ap0 table local metric 0
anycast fe80:: dev ifb4wan table local metric 0
local fe80::b6b0:24ff:fe82:34f6 dev eth0 table local metric 0
local fe80::b6b0:24ff:fe82:34f6 dev br-lan table local metric 0
local fe80::b6b0:24ff:fe82:34f6 dev wan table local metric 0
local fe80::b6b0:24ff:fe82:34f7 dev phy0-ap0 table local metric 0
local fe80::b6b0:24ff:fe82:34f8 dev phy1-ap0 table local metric 0
local fe80::e8b1:3fff:fe24:371d dev ifb4wan table local metric 0
multicast ff00::/8 dev eth0 table local metric 256
multicast ff00::/8 dev br-lan table local metric 256
multicast ff00::/8 dev phy0-ap0 table local metric 256
multicast ff00::/8 dev wan table local metric 256
multicast ff00::/8 dev phy1-ap0 table local metric 256
multicast ff00::/8 dev ifb4wan table local metric 256
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
root@OpenWrt:~#
using:
# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.
sleep 180 && service network restart &
exit 0
the router automatic restart wan interface and problem is solved.
credits to @dsouza
Good to know it works. As we discussed in the Brazilian forum, you may try restarting only the wan interface by replacing the above solution in the /etc/rc.local file by:
# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.
sleep 180 && ifdown wan && sleep 3 && ifup wan &
exit 0
Anyway, this is only a workaround. Ideally you would need to understand why the VoIP VLAN is being exposed to your WAN interface (I'm assuming you are filtering the Internet VLAN in the bridge connection in your ONT, this is a starting point to be investigated).
BTW, is Vivo your ISP? I had it sometime ago, and I had a similar problem, but I was using the provided ISP HGU in bridge mode with my R4S OpenWrt router. I finally solved it as documented here (in Portuguese). If Vivo is your provider, then this is likely an issue in the ISP PPPoE server.
did test succesfully the command
# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.
sleep 180 && ifdown wan && sleep 3 && ifup wan &
exit 0
and it works.