1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Iptables fails in access restriction rules

Discussion in 'Tomato Firmware' started by j66st, Jun 27, 2010.

  1. j66st

    j66st Networkin' Nut Member

    Running regular Tomato 1.27 firmware on a Linksys WRT54G.
    I am trying several access restriction rules, but they don't work.

    The log shows a group of failing iptables commands every 15 minutes. The number of errors matches the number of enabled access restriction rules:

    Jun 27 22:15:01 tomato user.info rcheck[11425]: Activating rule 2
    Jun 27 22:15:01 tomato user.err rcheck[11425]: Iptables command failed. Retrying in 15 minutes.
    Jun 27 22:15:01 tomato user.info rcheck[11425]: Activating rule 3
    Jun 27 22:15:01 tomato user.err rcheck[11425]: Iptables command failed. Retrying in 15 minutes.
    Jun 27 22:15:01 tomato user.info rcheck[11425]: Activating rule 4
    Jun 27 22:15:01 tomato user.err rcheck[11425]: Iptables command failed. Retrying in 15 minutes.

    It looks like the firmware is generating wrong iptables commands for the rules. Anyone knows this problem? The errors occur for all kinds of rules (URL matching, blocking MAC addresses during a part of the day, etc.). The rules were entered via the web interface.

    Is there a way to log the actual iptables commands to get a clue what kind of syntax error is generated. I'm using a fairly basic router setup (without NAT), no manually entered scripts used.

    Any ideas?
     
  2. pierslauder

    pierslauder Networkin' Nut Member

    I'm having exactly the same problem, only with Tomato Firmware v1.28.1816 on a Linksys WRT54GL.

    I've even tried disabling all rules except for the "example" provided with the firmware, which yields the following log entries:

    Aug 4 10:47:23 swan user.info rcheck[21116]: Activating rule 0
    Aug 4 10:47:23 swan user.err rcheck[21116]: Iptables command failed. Retrying in 15 minutes.

    So, Access Restrictions appear not to work in these versions of Tomato.

    Does anyone know of a fix, or an e-mail address for bug reports?
     
  3. jaime.freire

    jaime.freire Networkin' Nut Member

    Hi!

    I have the same problem on version 1.28. I've already tried to clear NVRAM...

    Anybody has news on this?
     
  4. mstombs

    mstombs Network Guru Member

    Is the common link here "router" non-nat mode, rather than "gateway" nat mode?

    I recommend you try the equivalent tomatousb build to see if its already been fixed.
     
  5. Toastman

    Toastman Super Moderator Staff Member Member

Share This Page