
rt-n16 ebtables

Discussion in 'Tomato Firmware' started by lancethepants, May 12, 2011.

    lancethepants Network Guru Member

    I've got an Asus RT-N16 router loaded with the latest tomatousb vpn. I'm trying to set up a site-to-site VPN while blocking DHCP down the tunnel. I'm just not sure if I'm doing something right.
    I've got in the firewall script:

    ebtables -I INPUT -i tap21 -p IPv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP
    ebtables -I OUTPUT -o tap21 -p IPv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP

    and running 'ebtables -L' in the CLI shows:

    Bridge chain: INPUT, entries: 1, policy: ACCEPT
    -p IPv4 -i tap21 --ip-proto udp --ip-dport 67:68 -j DROP

    Bridge chain: FORWARD, entries: 0, policy: ACCEPT

    Bridge chain: OUTPUT, entries: 1, policy: ACCEPT
    -p IPv4 -o tap21 --ip-proto udp --ip-dport 67:68 -j DROP

    but I still get devices getting the wrong DHCP gateways. It appears that tomatousb vpn calls the first VPN server interface 'tap21'. Is there something I'm missing?

    Edit: solution found here:

    http://linksysinfo.org/index.php?threads/block-dhcp-over-openvpn-bridge.36739/
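
As an added example (not part of the original post or the linked thread), the shell function below audits an `ebtables -L` listing and reports which chains carry a DHCP drop rule for a given interface. ebtables sends frames bridged between ports through FORWARD, while INPUT and OUTPUT see only frames addressed to or generated by the router itself; the function names and report format are assumptions of this example.

```shell
#!/bin/sh
# Added example: per-chain DHCP drop coverage from `ebtables -L` output.

# Listing copied from the post above, embedded so the check runs offline.
sample_listing() {
cat <<'EOF'
Bridge chain: INPUT, entries: 1, policy: ACCEPT
-p IPv4 -i tap21 --ip-proto udp --ip-dport 67:68 -j DROP

Bridge chain: FORWARD, entries: 0, policy: ACCEPT

Bridge chain: OUTPUT, entries: 1, policy: ACCEPT
-p IPv4 -o tap21 --ip-proto udp --ip-dport 67:68 -j DROP
EOF
}

# audit_dhcp_drops IFACE
# Reads a listing on stdin and prints "<chain> covered" or "<chain> missing".
# A chain is covered when it has a UDP 67:68 DROP rule bound to IFACE via -i or -o.
audit_dhcp_drops() {
    awk -v ifc="$1" '
        /^Bridge chain:/ {
            chain = $3; sub(/,$/, "", chain)      # "INPUT," -> "INPUT"
            order[++n] = chain; hit[chain] = 0
            next
        }
        chain != "" && / -j DROP[ \t]*$/ && /--ip-proto udp/ &&
        /--ip-d(estination-)?port 67:68/ {
            for (i = 1; i < NF; i++)
                if (($i == "-i" || $i == "-o") && $(i + 1) == ifc)
                    hit[chain] = 1
        }
        END {
            for (k = 1; k <= n; k++)
                print order[k], (hit[order[k]] ? "covered" : "missing")
        }'
}

# On the router itself: ebtables -L | audit_dhcp_drops tap21
sample_listing | audit_dhcp_drops tap21
```

For the listing in the post this reports FORWARD as missing, so DHCP frames bridged between tap21 and the LAN ports are not matched by either rule.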
     
