LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   DIR-300 with DDWRT can't access certain websites (http://www.linuxquestions.org/questions/linux-networking-3/dir-300-with-ddwrt-can%27t-access-certain-websites-917851/)

prushik 12-09-2011 01:36 AM

DIR-300 with DDWRT can't access certain websites
 
I have installed DD-WRT on my room mate's DIR-300 A1 router. The original firmware was having trouble communicating with my linux machine from the states and her mac from Taiwan. It did work, but not well. Plus the original firmware was in Korean, and neither of us speak Korean yet.
Now wireless works great and the firmware is in English, but some websites don't work at all, Namely: buildroot.org / uclibc.org and wikipedia.org to name a few. Buildroot and uclibc can be ping'ed but not accessed, wikipedia.org can be resolved by DNS, but not ping'ed or accessed via the web.
All the settings on the router are DD-WRT default at the moment.

I figure the problem could be iptables related, but I really have no clue.


Also, not sure if this is the right forum for this question, but I figured you guys here would know about DDWRT.

eSelix 12-09-2011 04:41 AM

If you suspecting iptables, can you post it output? Show
Code:

iptables -S
ifconfig -a
cat /etc/resolv.conf

Better forum would be "Linux - Networking".

prushik 12-09-2011 06:48 AM

Quote:

Originally Posted by eSelix (Post 4545757)
If you suspecting iptables, can you post it output? Show
Code:

iptables -S
ifconfig -a
cat /etc/resolv.conf


iptables -S give no output whatsoever.
ifconfig -a gives a ton of output, lots of vlan things and stuff. Strikes me a bit odd for a default config, but I didn't design it, so what do I know. Here's the output:
Code:

root@DD-WRT:~# ifconfig -a
ath0      Link encap:Ethernet  HWaddr 00:24:01:B9:64:EF 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:75890 errors:0 dropped:0 overruns:0 frame:0
          TX packets:112380 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:6705728 (6.3 MiB)  TX bytes:124664854 (118.8 MiB)

br0      Link encap:Ethernet  HWaddr 00:24:01:B9:64:EF 
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:75890 errors:0 dropped:0 overruns:0 frame:0
          TX packets:112226 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:6705728 (6.3 MiB)  TX bytes:124655329 (118.8 MiB)

eth0      Link encap:Ethernet  HWaddr 00:24:01:B9:64:F0 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:290952 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52851 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:131552142 (125.4 MiB)  TX bytes:4965561 (4.7 MiB)
          Interrupt:4 Base address:0x1000

etherip0  Link encap:Ethernet  HWaddr 92:DE:AE:CA:B3:1E 
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

gre0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
          NOARP  MTU:1476  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING MULTICAST  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

teql0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
          NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

tunl0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

vlan0    Link encap:Ethernet  HWaddr 00:24:01:B9:64:F0 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:432 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:23485 (22.9 KiB)

vlan2    Link encap:Ethernet  HWaddr 00:24:01:B9:64:F0 
          inet addr:<RE.MOV.ED_.IP>  Bcast:121.55.86.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:290952 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52419 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:131552142 (125.4 MiB)  TX bytes:4942076 (4.7 MiB)

vlan2:0  Link encap:Ethernet  HWaddr 00:24:01:B9:64:F0 
          inet addr:169.254.255.1  Bcast:169.254.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

wifi0    Link encap:UNSPEC  HWaddr 00-24-01-B9-64-EF-00-00-00-00-00-00-00-00-00-00 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:79253 errors:0 dropped:0 overruns:0 frame:1511
          TX packets:114668 errors:383 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:195
          RX bytes:9703922 (9.2 MiB)  TX bytes:127321761 (121.4 MiB)
          Interrupt:3 Memory:b0000000-b00ffffc

/etc/resolv.conf only lists 192.168.1.1 as a nameserver, which makes sense I guess since it is running its own nameserver. but I have tested and I can resolve any website from either my laptop or the router. So I'm pretty sure DNS isn't the issue here as its the one thing that works as expected.


I don't really know what to suspect. It seems to me that the list of things that could cause such an odd problem is pretty short. DNS, or iptables, or the Korean government or my ISP here filtering my internet. I ruled out DNS issues and the government (works if I bypass the router), so the only thing left in my limited knowledge is something firewall related.

I ran a traceroute to see if I could learn anything from that, but I got 17 hops to wikipedia (which doesn't work) and 19 hops to linuxquestions (which does work).


Quote:

Originally Posted by eSelix (Post 4545757)
Better forum would be "Linux - Networking".

Ooops, sorry. I wouldn't be offended if somebody wants to move this.

eSelix 12-09-2011 07:26 AM

Quote:

Originally Posted by prushik (Post 4545814)
iptables -S give no output whatsoever

So, use "iptables -L".

In my opinion better is configure router from beggining, for example, I have only lo, eth0 and wifi0, iptables are clearead and only my own rules are inserted. Check your /etc/network/interfaces and use only these which you need. I don't known DDWRT, but if you have GUI for configuration, maybe you can use it. But I prefer configuration from console.

By the way, you should mask your external IP address from output.

prushik 12-09-2011 09:39 PM

Quote:

Originally Posted by eSelix (Post 4545835)
So, use "iptables -L".

In my opinion better is configure router from beggining, for example, I have only lo, eth0 and wifi0, iptables are clearead and only my own rules are inserted. Check your /etc/network/interfaces and use only these which you need. I don't known DDWRT, but if you have GUI for configuration, maybe you can use it. But I prefer configuration from console.

I had it set up at one point, then I noticed the problem and reset it, thinking that the problem was caused by something I did. The problem remained after I reset to defaults, which is when I posted here.
However, its strange, a few hours later, everything started working, and is still working now.

Quote:

Originally Posted by eSelix (Post 4545835)
By the way, you should mask your external IP address from output.

Oops again. didn't even think of that. but really, there's no reason for somebody to attack me here, all my servers and good stuff is still back in the US. Plus, I assume most (if not all) of you guys here are stand up guys, otherwise you wouldn't be hanging around here just to answer people's questions.

prushik 12-09-2011 09:45 PM

Quote:

Originally Posted by eSelix (Post 4545835)
So, use "iptables -L".

Here's what iptables -L looks like. It gave me the information that I think you were looking for.
but since the problem resolved itself, Maybe it was a problem with the ISP here in Korea? That's that's the only thing that makes sense to me now.

Code:

root@DD-WRT:~# iptables -L
Chain INPUT (policy ACCEPT)
target    prot opt source              destination       
ACCEPT    0    --  anywhere            anywhere            state RELATED,ESTABLISHED
DROP      udp  --  anywhere            anywhere            udp dpt:route
DROP      udp  --  anywhere            anywhere            udp dpt:route
ACCEPT    udp  --  anywhere            anywhere            udp dpt:route
logaccept  tcp  --  anywhere            DD-WRT              tcp dpt:www
DROP      icmp --  anywhere            anywhere           
ACCEPT    igmp --  anywhere            anywhere           
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:auth
ACCEPT    0    --  anywhere            anywhere            state NEW
logaccept  0    --  anywhere            anywhere            state NEW
DROP      0    --  anywhere            anywhere           

Chain FORWARD (policy ACCEPT)
target    prot opt source              destination       
ACCEPT    gre  --  192.168.1.0/24      anywhere           
ACCEPT    tcp  --  192.168.1.0/24      anywhere            tcp dpt:1723
ACCEPT    0    --  anywhere            anywhere           
TCPMSS    tcp  --  anywhere            anywhere            tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
lan2wan    0    --  anywhere            anywhere           
ACCEPT    0    --  anywhere            anywhere            state RELATED,ESTABLISHED
ACCEPT    udp  --  anywhere            base-address.mcast.net/4 udp
TRIGGER    0    --  anywhere            anywhere            TRIGGER type:in match:0 relate:0
trigger_out  0    --  anywhere            anywhere           
ACCEPT    0    --  anywhere            anywhere            state NEW
DROP      0    --  anywhere            anywhere           

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination       

Chain advgrp_1 (0 references)
target    prot opt source              destination       

Chain advgrp_10 (0 references)
target    prot opt source              destination       

Chain advgrp_2 (0 references)
target    prot opt source              destination       

Chain advgrp_3 (0 references)
target    prot opt source              destination       

Chain advgrp_4 (0 references)
target    prot opt source              destination       

Chain advgrp_5 (0 references)
target    prot opt source              destination       

Chain advgrp_6 (0 references)
target    prot opt source              destination       

Chain advgrp_7 (0 references)
target    prot opt source              destination       

Chain advgrp_8 (0 references)
target    prot opt source              destination       

Chain advgrp_9 (0 references)
target    prot opt source              destination       

Chain grp_1 (0 references)
target    prot opt source              destination       

Chain grp_10 (0 references)
target    prot opt source              destination       

Chain grp_2 (0 references)
target    prot opt source              destination       

Chain grp_3 (0 references)
target    prot opt source              destination       

Chain grp_4 (0 references)
target    prot opt source              destination       

Chain grp_5 (0 references)
target    prot opt source              destination       

Chain grp_6 (0 references)
target    prot opt source              destination       

Chain grp_7 (0 references)
target    prot opt source              destination       

Chain grp_8 (0 references)
target    prot opt source              destination       

Chain grp_9 (0 references)
target    prot opt source              destination       

Chain lan2wan (1 references)
target    prot opt source              destination       

Chain logaccept (2 references)
target    prot opt source              destination       
ACCEPT    0    --  anywhere            anywhere           

Chain logdrop (0 references)
target    prot opt source              destination       
DROP      0    --  anywhere            anywhere           

Chain logreject (0 references)
target    prot opt source              destination       
REJECT    tcp  --  anywhere            anywhere            tcp reject-with tcp-reset

Chain trigger_out (1 references)
target    prot opt source              destination


win32sux 12-10-2011 01:20 AM

Moved to Networking.


All times are GMT -5. The time now is 06:08 AM.