WTF is that?
1 Like
I saw that too, but I'm not sure if it really matters. Let's start with the interfaces and firewall page.
Bro, i have no idea. I didnt touch the loop back at all. this is how it was after the double flash.
also here are the screenshots
Remove also the default gateway from the lan interface.
I guess it does.
removing the defaut gateway has the same result. Trace works on router and not on the pc
Another weird thing. Turning off the TIM network and using the Vodafone one. I can do the trace from the pc.... but i can also ping the TIM router which I shouldnt be able to do as i turned the interface off
What dose this mean?
Can you again post your configs please? I think something may still be wrong in there. /etc/config/network /etc/config/firewall
Post a screenshot of your switch page as well. Are you testing from a wired LAN client?
You can ping 192.168.2.1 or 192.168.2.2 ?
Here u go
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdd0:88ff:6916::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option dns '8.8.8.8 85.37.17.17 85.38.28.72'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '0 1 2 5t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '4 6t'
option vid '2'
config interface 'Tim'
option ifname 'eth1.2'
option proto 'static'
option ipaddr '192.168.2.2'
option netmask '255.255.255.0'
option gateway '192.168.2.1'
option dns '8.8.8.8'
config switch_vlan
option device 'switch0'
option vlan '3'
option vid '3'
option ports '3 6t'
config interface 'Vodafone'
option proto 'static'
option ifname 'eth1.3'
option ipaddr '192.168.3.2'
option netmask '255.255.255.0'
option gateway '192.168.3.1'
option dns '8.8.8.8'
option auto '0'
config interface 'Guest'
option proto 'static'
option ipaddr '192.168.5.1'
option netmask '255.255.255.0'
option gateway '192.168.5.1'
root@OpenWrt:~#
root@OpenWrt:~# cat /etc/config/firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'
option conntrack '1'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network 'Tim Vodafone'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config zone
option input 'ACCEPT'
option forward 'REJECT'
option output 'ACCEPT'
option name 'Guest'
option network 'Guest'
config forwarding
option dest 'wan'
option src 'Guest'
config forwarding
option dest 'wan'
option src 'lan'
yep, i can ping them when the interface is off... which is weird
192.168.2.1
can you use "cat /etc/config/firewall" instead of vim, I think we're just seeing the first page of text, just go back and edit the previous post and plop the text where you currently have the VIM output.
It might be worth a try but I think connect to your Tim router only and remove the Vodafone router and then configure the Tim interface to not use Static IP and use DHCP instead and then tick the option Use as default gateway.
You've still got "option gateway '192.168.5.1'" here delete that... it's not your problem though. You only put gateways to tell the router how to get to other networks. So you should have a gateway for both WAN networks, and no gateway for other networks.
can you disable Vodafone and enable TIM and give the output of ip route show
I updated the files
Already tried this and the same result
let's see this one. it will tell us how the router is trying to route your packets.
root@OpenWrt:~# ip route show
default via 192.168.2.1 dev eth1.2 proto static
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1
192.168.2.0/24 dev eth1.2 proto kernel scope link src 192.168.2.2
192.168.5.0/24 dev wlan1 proto kernel scope link src 192.168.5.1
root@OpenWrt:~#
And you're attempting to ping/traceroute from a device connected to the wired LAN on what's called LAN2 on your switch page correct?