1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tarifa028

Discussion in 'Tarifa Firmware' started by tuntun, Oct 15, 2006.

  1. tuntun

    tuntun Network Guru Member

    Tarifa028 was released one week ago but today it has removed and replaced with 027. Any issue with that version? or any reason behind?

    Thansk
     
  2. jchuit

    jchuit Network Guru Member

    Upnp and Tarifa b028

    Sorry,

    there is a problem within the Upnp program, this program is started at default.

    After an ip set or change from your ISP, Upnp is (re)started.
    But after start it crashes. (It depends on iptables 1.2.7)

    Next week this problem will be solved in Tarifa b029.

    greetings,
    jchuit
     
  3. tuntun

    tuntun Network Guru Member

    Thanks.
    Are there anyway you can modify firewall section similar to Thibor15c?
    Appreciate all your afforts...to make WRT54G more features....
     
  4. jchuit

    jchuit Network Guru Member

    Maybe that some basic features will be added in the future.

    But what are you missing?
     
  5. tuntun

    tuntun Network Guru Member

    Thanks.

    I would like to request these for firewall section "Additional filters to proxy, Java applet, ActiveX, cookies, port scans and P2P (blocks BitTorrent, Kazaa, WinMX, eDonkey, DC and Gnucleus) and not to respnd any WAN request"...
    Because I noticed a lot of intruders, port scan and Dos Attacks in our area. May be they are smarter...so I suggest for everyone to have these in security firewall. Can you add on ver029? I don't mind test for you..

    Best regards
     
  6. tuntun

    tuntun Network Guru Member

    Sorry jchuit,

    one more addition should have under reset. Can you add normal factory default and clear NVRAM and reset factory default?...because I noticed a lot of users use reset button and clear NVram...in long run, the botton becomes loose contact or non-contact, etc...this is based on my friends feedback...when they tried tomato and thibor, they can do it from GUI itself and easier for them...

    Thank you for all your help...
     
  7. jchuit

    jchuit Network Guru Member

    I think too, that this can be a big problem, especially Dos attacks.

    Tarifa b027 is patched agains these dos attacks, ip_conntrack did not close some type of connections (and are left open), this due to unreplied packets in the SPI-firewall.

    The SPI-firewall should block all traffic (except http,dns,ftp...), only traffic opened by the Upnp should be allowed.
    Or did you mean that all the traffic done by use of a Proxy server (secure or unsecure)?

    Clearing NVRAM is done by Restore Factory Defaults, this clears the NVRAM completely and after reboot installs the default broadcom CFE-settings.
    This is (=should be) the same as pushing the reset button for 30 secs at startup.
    What do you need more?

    Greetings,
    jchuit
     
  8. tuntun

    tuntun Network Guru Member

    yes. SPI-firewall should block all traffic except common services (as per normal SPI rules), WAN to LAN all traffic block, but LAN to WAN only allow common services and UPNP. For proxy server, I am not sure is it difficult to add or modify?

    This should be OK if factory default can clear NVRAM. From my personal experience, these features should be nough for this router. May be others can give suggestion?

    Best regards,
    tun tun
     
  9. tuntun

    tuntun Network Guru Member

    Hi ,

    when will your b029 be available:)?
    i am eagerly waiting for your release...
    thank Q for all your firmwares
     
  10. jchuit

    jchuit Network Guru Member

    Today I builded a test binary, I hope that the UPnP problem is solved now.

    The problem: UPnP uses the broadcom netconf package, netconf makes use of (is linked to) some iptables 1.2.7a objects.

    Greetings,
    jchuit
     
  11. tuntun

    tuntun Network Guru Member

    Thanks. How about SPI section? Any changes can make this time as suggested?

    Best regards
    tun tun
     
  12. jchuit

    jchuit Network Guru Member

    The prime goal of Tarifa b029 is the UPnP bug.

    The SPI firewall section hasn't been changed, but I will have a look at the outgoing traffic in relation to the SPI-firewall later.......

    If you can give some more info about what kind of problems you see, is helpfull.
     
  13. tuntun

    tuntun Network Guru Member

    Hi ...

    do your B029 ready?

    thanks
     
  14. jchuit

    jchuit Network Guru Member

    The release of Tarifa b029 will be next week (around 23 Oct).

    If you like a pre-release, then send me a PM with your email.

    Greetings,
    jchuit
     
  15. tuntun

    tuntun Network Guru Member

    I sent a PM. Thanks
     
  16. jchuit

    jchuit Network Guru Member

    About the LAN to WAN traffic:

    The outgoing traffic is not blocked (controlled) by iptables, this is the default setup of Iptables.

    The OUTPUT chain can be set to block(firewall) outgoing traffic.

    I found a nice program to test this 'Leak': http://www.grc.com/lt/leaktest.htm

    Greetings,
    jchuit
     

Share This Page