1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Forwarding Protocol 41 in tomato.

Discussion in 'Tomato Firmware' started by Napsterbater, Jan 27, 2009.

  1. Napsterbater

    Napsterbater Addicted to LI Member

    I'm trying to forward protocol 41 (Ipv6 in IPv6 or 6in4) but the logs keep showing that protocol 41 is getting dropped in the firewall somewhere can anyone help.


    Code:
    iptables -t nat -A PREROUTING -i ppp0 -p 41 -j DNAT --to 10.0.1.2
    iptables -t filter -A FORWARD -i ppp0 -p 41 -d 10.0.1.2 -j ACCEPT
    
    Code:
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    DROP       0    --  anywhere             h205.59.28.71.dynamic.ip.windstream.net
    
    logdrop    0    --  anywhere             anywhere            state INVALID
    ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTAB
    LISHED
    ACCEPT     0    --  anywhere             anywhere
    ACCEPT     0    --  anywhere             anywhere
    ACCEPT     icmp --  anywhere             anywhere
    logdrop    0    --  anywhere             anywhere
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ACCEPT     ipv6 --  anywhere             10.0.1.2
    ACCEPT     0    --  anywhere             anywhere
    DROP       0    --  anywhere             anywhere            state INVALID
    TCPMSS     tcp  --  anywhere             anywhere            tcp flags:SYN,RST/S
    YN tcpmss match 1453:65535 TCPMSS set 1452
    ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTAB
    LISHED
    wanin      0    --  anywhere             anywhere
    wanout     0    --  anywhere             anywhere
    ACCEPT     0    --  anywhere             anywhere
    upnp       0    --  anywhere             anywhere
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
    Chain logdrop (2 references)
    target     prot opt source               destination
    LOG        0    --  anywhere             anywhere            state NEW LOG level
     warning tcp-options ip-options prefix `DROP '
    DROP       0    --  anywhere             anywhere
    
    Chain logreject (0 references)
    target     prot opt source               destination
    LOG        0    --  anywhere             anywhere            LOG level warning t
    cp-options ip-options prefix `REJECT '
    REJECT     tcp  --  anywhere             anywhere            reject-with tcp-res
    et
    
    Chain upnp (1 references)
    target     prot opt source               destination
    ACCEPT     udp  --  anywhere             10.0.1.5            udp dpt:10001
    ACCEPT     tcp  --  anywhere             10.0.1.5            tcp dpt:10001
    ACCEPT     tcp  --  anywhere             10.0.1.5            tcp dpt:10002
    ACCEPT     tcp  --  anywhere             10.0.1.5            tcp dpt:6883
    ACCEPT     udp  --  anywhere             10.0.1.5            udp dpt:49001
    
    Chain wanin (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             10.0.1.12           tcp dpts:11000:1199
    9
    ACCEPT     udp  --  anywhere             10.0.1.12           udp dpts:11000:1199
    9
    ACCEPT     tcp  --  anywhere             10.0.1.5            tcp dpt:www
    ACCEPT     tcp  --  anywhere             10.0.1.1            tcp dpt:auth
    ACCEPT     udp  --  anywhere             10.0.1.1            udp dpt:113
    ACCEPT     tcp  --  anywhere             10.0.1.2            tcp dpt:5060
    ACCEPT     udp  --  anywhere             10.0.1.2            udp dpt:5060
    ACCEPT     tcp  --  anywhere             10.0.1.5            tcp dpts:10000:1099
    9
    ACCEPT     udp  --  anywhere             10.0.1.5            udp dpts:10000:1099
    9
    ACCEPT     tcp  --  anywhere             10.0.1.2            tcp dpt:3478
    ACCEPT     udp  --  anywhere             10.0.1.2            udp dpt:3478
    ACCEPT     tcp  --  anywhere             10.0.1.1            tcp dpt:5500
    ACCEPT     udp  --  anywhere             10.0.1.1            udp dpt:5500
    ACCEPT     tcp  --  anywhere             10.0.1.1            tcp dpt:5800
    ACCEPT     udp  --  anywhere             10.0.1.1            udp dpt:5800
    ACCEPT     tcp  --  anywhere             10.0.1.1            tcp dpt:5900
    ACCEPT     udp  --  anywhere             10.0.1.1            udp dpt:5900
    ACCEPT     tcp  --  anywhere             10.0.1.2            tcp dpts:9000:9015
    ACCEPT     udp  --  anywhere             10.0.1.2            udp dpts:9000:9015
    
    Chain wanout (1 references)
    target     prot opt source               destination
    
     
  2. Napsterbater

    Napsterbater Addicted to LI Member

    Ok I'm bumping this,

    I now seem to have an interment problem with the forwarding now, I tried putting the protocol 41 forwards in the "Wan Up" scripts tab instead of firewall and still randomly the router decides that it doesn't want to pass protocol 41 traffic, the kicker is it will work for like 2-3 weeks even with some restarts and then for some unknown reason it stops. at this point the log isn't show the drop IPv6 packet like last time so im not sure whats going on.



    Code:
    iptables -t nat -I PREROUTING -i ppp0 -p 41 -j DNAT --to 10.0.1.2
    iptables -t filter -I FORWARD -i ppp0 -p 41 -d 10.0.1.2 -j ACCEPT
    Tried that in "Firewall" and "Wan Up", and this is a PPPoE WAN.
     
  3. Napsterbater

    Napsterbater Addicted to LI Member

    Anyone? forget its even IPv6 imagine its GRE what would you use?
     

Share This Page