When I go over your advise and running commands following output got my attention
root@OpenWrt:~# nslookup duckduckgo.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: duckduckgo.com
Address 1: 40.114.177.156
*** Can't find duckduckgo.com: No answer
root@OpenWrt:~#
This is after I changed my DNS server from LAN to PPPoE. Just to be complete, below is current output of earlier asked commands:
root@OpenWrt:~# ubus call system board; \
> uci export network; uci export wireless; \
> uci export dhcp; uci export firewall; \
> head -n -0 /etc/firewall.user; \
> iptables-save -c; \
> ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
> ls -l /etc/resolv.* /tmp/resolv.*; head -n -0 /etc/resolv.* /tmp/resolv.*
{
"kernel": "4.14.195",
"hostname": "OpenWrt",
"system": "Qualcomm Atheros QCA956X ver 1 rev 0",
"model": "TP-Link Archer C7 v5",
"board_name": "tplink,archer-c7-v5",
"release": {
"distribution": "OpenWrt",
"version": "19.07.4",
"revision": "r11208-ce6496d796",
"target": "ath79/generic",
"description": "OpenWrt 19.07.4 r11208-ce6496d796"
}
}
package network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd91:8a85:4db7::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.8.1'
config interface 'wan'
option ifname 'eth0.2'
option proto 'pppoe'
option username '[snip]'
option password '[snip]'
option keepalive '6 10'
option ipv6 '0'
list dns '8.8.8.8'
option peerdns '0'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '2 3 4 5 0t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '1 0t'
package wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '36'
option hwmode '11a'
option path 'pci0000:00/0000:00:00.0'
option htmode 'VHT80'
option txpower '23'
option legacy_rates '1'
option country 'TR'
option disabled '1'
config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'ap'
option key '[snip]'
option wds '1'
option ssid 'OpenWrt_5G'
option encryption 'psk2'
option network 'lan'
option disabled '1'
config wifi-device 'radio1'
option type 'mac80211'
option hwmode '11g'
option country 'TR'
option legacy_rates '0'
option txpower '20'
option channel 'auto'
option path 'platform/ahb/18100000.wmac'
config wifi-iface 'default_radio1'
option device 'radio1'
option mode 'ap'
option key '[snip]'
option ssid 'OpenWrt'
option network 'lan'
option encryption 'psk-mixed'
config wifi-device 'radio2'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option htmode 'HT20'
option disabled '1'
option path 'platform/ahb/18100000.wmac'
config wifi-iface 'default_radio2'
option device 'radio2'
option network 'lan'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'
package dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option nonwildcard '1'
option localservice '1'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option dhcpv6 'server'
option ra 'server'
option ra_management '1'
option leasetime '48h'
option force '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config host
option dns '1'
option mac 'B8:27:EB:AF:5F:31'
option name 'RaspberryPi3_WiFi'
option ip '192.168.8.92'
config host
option dns '1'
option mac 'DC:A6:32:02:59:DC'
option ip '192.168.8.90'
option name 'RaspberryPi4_WiFi'
config host
option name 'RaspberryPi4_LAN'
option dns '1'
option mac 'DC:A6:32:02:59:DB'
option ip '192.168.8.91'
config host
option mac '2C:4D:54:56:C9:F9'
option name 'ErtanPC'
option dns '1'
option ip '192.168.1.99'
config host
option mac '70:85:C2:7B:26:24'
option name 'FreeNAS'
option dns '1'
option ip '192.168.8.2'
config host
option mac 'b8:27:eb:fa:0a:64'
option name 'RaspberryPi3_LAN'
option dns '1'
option ip '192.168.8.93'
config host
option mac 'B8:27:EB:15:51:4B'
option name 'PiZeroW_WiFi'
option dns '1'
option ip '192.168.8.94'
package firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'wan'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.
# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
# Generated by iptables-save v1.8.3 on Thu Oct 29 15:22:27 2020
*nat
:PREROUTING ACCEPT [161041:12300265]
:INPUT ACCEPT [10511:803326]
:OUTPUT ACCEPT [12814:884186]
:POSTROUTING ACCEPT [170:20402]
:postrouting_lan_rule - [0:0]
:postrouting_rule - [0:0]
:postrouting_wan_rule - [0:0]
:prerouting_lan_rule - [0:0]
:prerouting_rule - [0:0]
:prerouting_wan_rule - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
[161041:12300265] -A PREROUTING -m comment --comment "!fw3: Custom prerouting rule chain" -j prerouting_rule
[39009:4398626] -A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
[121100:7750799] -A PREROUTING -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_prerouting
[28443:1862935] -A POSTROUTING -m comment --comment "!fw3: Custom postrouting rule chain" -j postrouting_rule
[35:10741] -A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
[28273:1842533] -A POSTROUTING -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_postrouting
[35:10741] -A zone_lan_postrouting -m comment --comment "!fw3: Custom lan postrouting rule chain" -j postrouting_lan_rule
[39009:4398626] -A zone_lan_prerouting -m comment --comment "!fw3: Custom lan prerouting rule chain" -j prerouting_lan_rule
[28273:1842533] -A zone_wan_postrouting -m comment --comment "!fw3: Custom wan postrouting rule chain" -j postrouting_wan_rule
[28273:1842533] -A zone_wan_postrouting -m comment --comment "!fw3" -j MASQUERADE
[121100:7750799] -A zone_wan_prerouting -m comment --comment "!fw3: Custom wan prerouting rule chain" -j prerouting_wan_rule
COMMIT
# Completed on Thu Oct 29 15:22:27 2020
# Generated by iptables-save v1.8.3 on Thu Oct 29 15:22:27 2020
*mangle
:PREROUTING ACCEPT [3103787:2381863281]
:INPUT ACCEPT [142744:41516236]
:FORWARD ACCEPT [2947227:2337579054]
:OUTPUT ACCEPT [95613:11336970]
:POSTROUTING ACCEPT [2918182:2340696189]
[19324:1051760] -A FORWARD -o pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
[10788:577592] -A FORWARD -i pppoe-wan -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Thu Oct 29 15:22:27 2020
# Generated by iptables-save v1.8.3 on Thu Oct 29 15:22:27 2020
*filter
:INPUT ACCEPT [97969:31582849]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:forwarding_lan_rule - [0:0]
:forwarding_rule - [0:0]
:forwarding_wan_rule - [0:0]
:input_lan_rule - [0:0]
:input_rule - [0:0]
:input_wan_rule - [0:0]
:output_lan_rule - [0:0]
:output_rule - [0:0]
:output_wan_rule - [0:0]
:reject - [0:0]
:syn_flood - [0:0]
:zone_lan_dest_ACCEPT - [0:0]
:zone_lan_forward - [0:0]
:zone_lan_input - [0:0]
:zone_lan_output - [0:0]
:zone_lan_src_ACCEPT - [0:0]
:zone_wan_dest_ACCEPT - [0:0]
:zone_wan_dest_REJECT - [0:0]
:zone_wan_forward - [0:0]
:zone_wan_input - [0:0]
:zone_wan_output - [0:0]
:zone_wan_src_REJECT - [0:0]
[1027:116332] -A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
[141719:41399984] -A INPUT -m comment --comment "!fw3: Custom input rule chain" -j input_rule
[19329:5115396] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
[61:3220] -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m comment --comment "!fw3" -j syn_flood
[24312:4695033] -A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
[109:6706] -A INPUT -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_input
[2947227:2337579054] -A FORWARD -m comment --comment "!fw3: Custom forwarding rule chain" -j forwarding_rule
[2793632:2327364430] -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
[32518:2465708] -A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
[121076:7748864] -A FORWARD -i pppoe-wan -m comment --comment "!fw3" -j zone_wan_forward
[1:52] -A FORWARD -m comment --comment "!fw3" -j reject
[1027:116332] -A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
[94584:11221106] -A OUTPUT -m comment --comment "!fw3: Custom output rule chain" -j output_rule
[79933:9934727] -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
[91:29472] -A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
[14560:1256907] -A OUTPUT -o pppoe-wan -m comment --comment "!fw3" -j zone_wan_output
[101:6155] -A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
[121085:7749467] -A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp-port-unreachable
[61:3220] -A syn_flood -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 25/sec --limit-burst 50 -m comment --comment "!fw3" -j RETURN
[0:0] -A syn_flood -m comment --comment "!fw3" -j DROP
[91:29472] -A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
[32518:2465708] -A zone_lan_forward -m comment --comment "!fw3: Custom lan forwarding rule chain" -j forwarding_lan_rule
[32518:2465708] -A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
[0:0] -A zone_lan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
[0:0] -A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
[24312:4695033] -A zone_lan_input -m comment --comment "!fw3: Custom lan input rule chain" -j input_lan_rule
[0:0] -A zone_lan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
[24312:4695033] -A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
[91:29472] -A zone_lan_output -m comment --comment "!fw3: Custom lan output rule chain" -j output_lan_rule
[91:29472] -A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
[24312:4695033] -A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
[3576:470931] -A zone_wan_dest_ACCEPT -o pppoe-wan -m conntrack --ctstate INVALID -m comment --comment "!fw3: Prevent NAT leakage" -j DROP
[43502:3251684] -A zone_wan_dest_ACCEPT -o pppoe-wan -m comment --comment "!fw3" -j ACCEPT
[121076:7748864] -A zone_wan_dest_REJECT -o pppoe-wan -m comment --comment "!fw3" -j reject
[121076:7748864] -A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
[0:0] -A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
[0:0] -A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
[0:0] -A zone_wan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
[121076:7748864] -A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
[109:6706] -A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
[0:0] -A zone_wan_input -p udp -m udp --dport 68 -m comment --comment "!fw3: Allow-DHCP-Renew" -j ACCEPT
[0:0] -A zone_wan_input -p icmp -m icmp --icmp-type 8 -m comment --comment "!fw3: Allow-Ping" -j ACCEPT
[0:0] -A zone_wan_input -p igmp -m comment --comment "!fw3: Allow-IGMP" -j ACCEPT
[0:0] -A zone_wan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
[109:6706] -A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
[14560:1256907] -A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
[14560:1256907] -A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
[109:6706] -A zone_wan_src_REJECT -i pppoe-wan -m comment --comment "!fw3" -j reject
COMMIT
# Completed on Thu Oct 29 15:22:27 2020
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
6: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.8.1/24 brd 192.168.8.255 scope global br-lan
valid_lft forever preferred_lft forever
9: pppoe-wan: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc fq_codel state UNKNOWN qlen 3
inet 10.40.1.15 peer 10.40.0.1/32 scope global pppoe-wan
valid_lft forever preferred_lft forever
default via 10.40.0.1 dev pppoe-wan
10.40.0.1 dev pppoe-wan scope link src 10.40.1.15
192.168.8.0/24 dev br-lan scope link src 192.168.8.1
local 10.40.1.15 dev pppoe-wan table local scope host src 10.40.1.15
broadcast 127.0.0.0 dev lo table local scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local scope host src 127.0.0.1
local 127.0.0.1 dev lo table local scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link src 127.0.0.1
broadcast 192.168.8.0 dev br-lan table local scope link src 192.168.8.1
local 192.168.8.1 dev br-lan table local scope host src 192.168.8.1
broadcast 192.168.8.255 dev br-lan table local scope link src 192.168.8.1
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
lrwxrwxrwx 1 root root 16 Sep 6 19:19 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r-- 1 root root 32 Oct 28 21:44 /tmp/resolv.conf
-rw-r--r-- 1 root root 35 Oct 29 13:37 /tmp/resolv.conf.auto
-rw-r--r-- 1 root root 45 Oct 28 21:43 /tmp/resolv.conf.ppp
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1
==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1
==> /tmp/resolv.conf.auto <==
# Interface wan
nameserver 8.8.8.8
==> /tmp/resolv.conf.ppp <==
nameserver 213.194.110.17
nameserver 8.8.8.8
root@OpenWrt:~#
Here is tcpdump until I get "ERR_TIMED_OUT" on my computer browser
root@OpenWrt:~# tcpdump -i pppoe-wan -evn host 40.114.177.156
tcpdump: listening on pppoe-wan, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
15:23:51.752187 Out ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 127, id 15227, offset 0, flags [DF], proto TCP (6), length 52)
10.40.1.15.54576 > 40.114.177.156.443: Flags [S], cksum 0xdc6c (correct), seq 2671721546, win 64240, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0
15:23:51.842717 Out ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 127, id 15228, offset 0, flags [DF], proto TCP (6), length 52)
10.40.1.15.54577 > 40.114.177.156.443: Flags [S], cksum 0x5d05 (correct), seq 576141465, win 64240, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0
15:23:51.874461 In ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 46, id 0, offset 0, flags [DF], proto TCP (6), length 52)
40.114.177.156.443 > 10.40.1.15.54576: Flags [S.], cksum 0x6caf (correct), seq 3746620916, ack 2671721547, win 42340, options [mss 1440,nop,nop,sackOK,nop,wscale 7], length 0
15:23:51.875017 Out ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 127, id 15229, offset 0, flags [DF], proto TCP (6), length 40)
10.40.1.15.54576 > 40.114.177.156.443: Flags [.], cksum 0x4ecd (correct), ack 1, win 1029, length 0
15:23:51.881842 Out ethertype IPv4 (0x0800), length 573: (tos 0x0, ttl 127, id 15230, offset 0, flags [DF], proto TCP (6), length 557)
10.40.1.15.54576 > 40.114.177.156.443: Flags [P.], cksum 0x85b2 (correct), seq 1:518, ack 1, win 1029, length 517
15:23:51.993087 In ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 46, id 0, offset 0, flags [DF], proto TCP (6), length 52)
40.114.177.156.443 > 10.40.1.15.54577: Flags [S.], cksum 0x1a8b (correct), seq 2112428569, ack 576141466, win 42340, options [mss 1440,nop,nop,sackOK,nop,wscale 7], length 0
15:23:51.999417 Out ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 127, id 15231, offset 0, flags [DF], proto TCP (6), length 40)
10.40.1.15.54577 > 40.114.177.156.443: Flags [.], cksum 0xfca8 (correct), ack 1, win 1029, length 0
15:23:52.004637 Out ethertype IPv4 (0x0800), length 573: (tos 0x0, ttl 127, id 15232, offset 0, flags [DF], proto TCP (6), length 557)
10.40.1.15.54577 > 40.114.177.156.443: Flags [P.], cksum 0x34f2 (correct), seq 1:518, ack 1, win 1029, length 517
15:23:52.016827 In ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 46, id 56632, offset 0, flags [DF], proto TCP (6), length 40)
40.114.177.156.443 > 10.40.1.15.54576: Flags [.], cksum 0x4f83 (correct), ack 518, win 330, length 0
15:23:52.017538 In ethertype IPv4 (0x0800), length 973: (tos 0x0, ttl 46, id 56635, offset 0, flags [DF], proto TCP (6), length 957)
40.114.177.156.443 > 10.40.1.15.54576: Flags [P.], cksum 0x5adc (correct), seq 2905:3822, ack 518, win 330, length 917
15:23:52.017835 Out ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 127, id 15233, offset 0, flags [DF], proto TCP (6), length 52)
10.40.1.15.54576 > 40.114.177.156.443: Flags [.], cksum 0x71de (correct), ack 1, win 1029, options [nop,nop,sack 1 {2905:3822}], length 0
15:23:52.163325 In ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 46, id 10414, offset 0, flags [DF], proto TCP (6), length 40)
40.114.177.156.443 > 10.40.1.15.54577: Flags [.], cksum 0xfd5e (correct), ack 518, win 330, length 0
15:23:52.163716 In ethertype IPv4 (0x0800), length 973: (tos 0x0, ttl 46, id 10417, offset 0, flags [DF], proto TCP (6), length 957)
40.114.177.156.443 > 10.40.1.15.54577: Flags [P.], cksum 0xc1ca (correct), seq 2905:3822, ack 518, win 330, length 917
15:23:52.164066 Out ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 127, id 15234, offset 0, flags [DF], proto TCP (6), length 52)
10.40.1.15.54577 > 40.114.177.156.443: Flags [.], cksum 0x7a40 (correct), ack 1, win 1029, options [nop,nop,sack 1 {2905:3822}], length 0
15:24:21.884793 Out ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 127, id 15235, offset 0, flags [DF], proto TCP (6), length 40)
10.40.1.15.54576 > 40.114.177.156.443: Flags [F.], cksum 0x4cc7 (correct), seq 518, ack 1, win 1029, length 0
15:24:21.991384 In ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 46, id 56643, offset 0, flags [DF], proto TCP (6), length 40)
40.114.177.156.443 > 10.40.1.15.54576: Flags [F.], cksum 0x4094 (correct), seq 3822, ack 519, win 330, length 0
15:24:21.991944 Out ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 127, id 15236, offset 0, flags [DF], proto TCP (6), length 52)
10.40.1.15.54576 > 40.114.177.156.443: Flags [.], cksum 0x71dd (correct), ack 1, win 1029, options [nop,nop,sack 1 {2905:3822}], length 0
15:24:22.008714 Out ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 127, id 15237, offset 0, flags [DF], proto TCP (6), length 40)
10.40.1.15.54577 > 40.114.177.156.443: Flags [F.], cksum 0xfaa2 (correct), seq 518, ack 1, win 1029, length 0
15:24:22.098913 Out ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 127, id 15238, offset 0, flags [DF], proto TCP (6), length 52)
10.40.1.15.54601 > 40.114.177.156.443: Flags [S], cksum 0x9856 (correct), seq 2147721091, win 64240, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0
15:24:22.108547 In ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 46, id 10424, offset 0, flags [DF], proto TCP (6), length 40)
40.114.177.156.443 > 10.40.1.15.54577: Flags [F.], cksum 0xee6f (correct), seq 3822, ack 519, win 330, length 0
15:24:22.108976 Out ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 127, id 15239, offset 0, flags [DF], proto TCP (6), length 52)
10.40.1.15.54577 > 40.114.177.156.443: Flags [.], cksum 0x7a3f (correct), ack 1, win 1029, options [nop,nop,sack 1 {2905:3822}], length 0
15:24:22.185975 In ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 46, id 0, offset 0, flags [DF], proto TCP (6), length 52)
40.114.177.156.443 > 10.40.1.15.54601: Flags [S.], cksum 0x6cb6 (correct), seq 1093353469, ack 2147721092, win 42340, options [mss 1440,nop,nop,sackOK,nop,wscale 7], length 0
15:24:22.187017 Out ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 127, id 15240, offset 0, flags [DF], proto TCP (6), length 40)
10.40.1.15.54601 > 40.114.177.156.443: Flags [.], cksum 0x4ed4 (correct), ack 1, win 1029, length 0
15:24:22.189402 Out ethertype IPv4 (0x0800), length 573: (tos 0x0, ttl 127, id 15241, offset 0, flags [DF], proto TCP (6), length 557)
10.40.1.15.54601 > 40.114.177.156.443: Flags [P.], cksum 0xc168 (correct), seq 1:518, ack 1, win 1029, length 517
15:24:22.278188 In ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 46, id 27527, offset 0, flags [DF], proto TCP (6), length 40)
40.114.177.156.443 > 10.40.1.15.54601: Flags [.], cksum 0x4f8a (correct), ack 518, win 330, length 0
15:24:22.283029 In ethertype IPv4 (0x0800), length 973: (tos 0x0, ttl 46, id 27530, offset 0, flags [DF], proto TCP (6), length 957)
40.114.177.156.443 > 10.40.1.15.54601: Flags [P.], cksum 0x8f6b (correct), seq 2905:3822, ack 518, win 330, length 917
15:24:22.283531 Out ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 127, id 15242, offset 0, flags [DF], proto TCP (6), length 52)
10.40.1.15.54601 > 40.114.177.156.443: Flags [.], cksum 0xfa1f (correct), ack 1, win 1029, options [nop,nop,sack 1 {2905:3822}], length 0
^C
27 packets captured
27 packets received by filter
0 packets dropped by kernel
root@OpenWrt:~#