1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Need help getting Tomato to allow ICMP for testing.

Discussion in 'Tomato Firmware' started by Rocky Grim, Mar 10, 2012.

  1. Rocky Grim

    Rocky Grim Networkin' Nut Member

    I am trying to allow tests from DSLreports.com to run for diagnosing my DSL internet connection. I have been told to issue the fallowing command via Tools and going to System.

    iptables -I INPUT -s 74.208.229.54 -j ACCEPT
    iptables -I INPUT -s 64.81.79.41 -j ACCEPT
    iptables -vnL INPUT --line-numbers

    The only problem is whenever I make ever a simple change to Tomato and save them these commands disappear. Is there any way to have the commands permanatly put into Tomato? Then, how could I remove them when I'm done testing? I don't know anything about using iptables so if someone could make it as simple as copying and pasting that would be great. Thanks in advance. I greatly appreciate it.
     
  2. shibby20

    shibby20 Network Guru Member

    Advanced -> Firewall -> Respond to ICMP ping
     
  3. Rocky Grim

    Rocky Grim Networkin' Nut Member

    Its the firmwares limitation on ICMP pings that cause the tests from DSLreports.com to fail. Therefore, you have to use the commands that I posted to get around that. However, I would like to be able to permenatly put those rules in so they do not erase when I make a change and save it. This is the limitation that causes the problem limit: avg 1/sec burst 5 .
     
  4. Toastman

    Toastman Super Moderator Staff Member Member

    Have you tried putting them in the admin/scripts/ firewall box?

    to remove, look at the -D function
     
  5. Rocky Grim

    Rocky Grim Networkin' Nut Member

    It didn't work =(
     
  6. Planiwa

    Planiwa LI Guru Member

    First -- you need to understand that the first two lines are Firewall rules that allow rapid pings from those two hosts:

    74.208.229.54 = u15150124.onlinehome-server.com
    64.81.79.41 = dslreports-west2.speakeasy.net

    The 3rd line is not a Firewall rule, but rather a request for statistics that show how many pings were received, etc.

    You can run that anytime you want that information. Do not include it in the Firewall - Rules.


    Second -- Put the first two rules into your Firewall script.


    Third -- In order to run that Firewall script and install those rules, you must restart your Firewall, by executing this command:

    service firewall restart

    You can keep an eye on it from time to time by running the third line.


    Fourth -- when you've had enough, remove the rules from the Firewall script and restart the Firewall.
     
  7. Rocky Grim

    Rocky Grim Networkin' Nut Member

    I got it to work now. Thanks a lot fellas I really appreciate it greatly.
     

Share This Page