LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page DIR-300 with DDWRT can't access certain websites
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 12-09-2011, 01:36 AM   #1
prushik
Member
 
Registered: Mar 2009
Location: Pennsylvania
Distribution: gentoo
Posts: 372

Rep: Reputation: 29
DIR-300 with DDWRT can't access certain websites

I have installed DD-WRT on my room mate's DIR-300 A1 router. The original firmware was having trouble communicating with my linux machine from the states and her mac from Taiwan. It did work, but not well. Plus the original firmware was in Korean, and neither of us speak Korean yet.
Now wireless works great and the firmware is in English, but some websites don't work at all, Namely: buildroot.org / uclibc.org and wikipedia.org to name a few. Buildroot and uclibc can be ping'ed but not accessed, wikipedia.org can be resolved by DNS, but not ping'ed or accessed via the web.
All the settings on the router are DD-WRT default at the moment.

I figure the problem could be iptables related, but I really have no clue.


Also, not sure if this is the right forum for this question, but I figured you guys here would know about DDWRT.
 
Old 12-09-2011, 04:41 AM   #2
eSelix
Senior Member
 
Registered: Oct 2009
Location: Wroclaw, Poland
Distribution: Arch, Kubuntu
Posts: 1,281

Rep: Reputation: 320Reputation: 320Reputation: 320Reputation: 320
If you suspecting iptables, can you post it output? Show
Code:
iptables -S
ifconfig -a
cat /etc/resolv.conf
Better forum would be "Linux - Networking".
Last edited by eSelix; 12-09-2011 at 04:46 AM.
 
Old 12-09-2011, 06:48 AM   #3
prushik
Member
 
Registered: Mar 2009
Location: Pennsylvania
Distribution: gentoo
Posts: 372

Original Poster
Rep: Reputation: 29
Quote:
Originally Posted by eSelix View Post
If you suspecting iptables, can you post it output? Show
Code:
iptables -S
ifconfig -a
cat /etc/resolv.conf
iptables -S give no output whatsoever.
ifconfig -a gives a ton of output, lots of vlan things and stuff. Strikes me a bit odd for a default config, but I didn't design it, so what do I know. Here's the output:
Code:
root@DD-WRT:~# ifconfig -a
ath0      Link encap:Ethernet  HWaddr 00:24:01:B9:64:EF  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:75890 errors:0 dropped:0 overruns:0 frame:0
          TX packets:112380 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:6705728 (6.3 MiB)  TX bytes:124664854 (118.8 MiB)

br0       Link encap:Ethernet  HWaddr 00:24:01:B9:64:EF  
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:75890 errors:0 dropped:0 overruns:0 frame:0
          TX packets:112226 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:6705728 (6.3 MiB)  TX bytes:124655329 (118.8 MiB)

eth0      Link encap:Ethernet  HWaddr 00:24:01:B9:64:F0  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:290952 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52851 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:131552142 (125.4 MiB)  TX bytes:4965561 (4.7 MiB)
          Interrupt:4 Base address:0x1000 

etherip0  Link encap:Ethernet  HWaddr 92:DE:AE:CA:B3:1E  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

gre0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          NOARP  MTU:1476  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING MULTICAST  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

teql0     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

tunl0     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

vlan0     Link encap:Ethernet  HWaddr 00:24:01:B9:64:F0  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:432 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:23485 (22.9 KiB)

vlan2     Link encap:Ethernet  HWaddr 00:24:01:B9:64:F0  
          inet addr:<RE.MOV.ED_.IP>  Bcast:121.55.86.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:290952 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52419 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:131552142 (125.4 MiB)  TX bytes:4942076 (4.7 MiB)

vlan2:0   Link encap:Ethernet  HWaddr 00:24:01:B9:64:F0  
          inet addr:169.254.255.1  Bcast:169.254.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

wifi0     Link encap:UNSPEC  HWaddr 00-24-01-B9-64-EF-00-00-00-00-00-00-00-00-00-00  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:79253 errors:0 dropped:0 overruns:0 frame:1511
          TX packets:114668 errors:383 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:195 
          RX bytes:9703922 (9.2 MiB)  TX bytes:127321761 (121.4 MiB)
          Interrupt:3 Memory:b0000000-b00ffffc
/etc/resolv.conf only lists 192.168.1.1 as a nameserver, which makes sense I guess since it is running its own nameserver. but I have tested and I can resolve any website from either my laptop or the router. So I'm pretty sure DNS isn't the issue here as its the one thing that works as expected.


I don't really know what to suspect. It seems to me that the list of things that could cause such an odd problem is pretty short. DNS, or iptables, or the Korean government or my ISP here filtering my internet. I ruled out DNS issues and the government (works if I bypass the router), so the only thing left in my limited knowledge is something firewall related.

I ran a traceroute to see if I could learn anything from that, but I got 17 hops to wikipedia (which doesn't work) and 19 hops to linuxquestions (which does work).


Quote:
Originally Posted by eSelix View Post
Better forum would be "Linux - Networking".
Ooops, sorry. I wouldn't be offended if somebody wants to move this.
Last edited by prushik; 12-09-2011 at 09:42 PM. Reason: Removed IP address
 
Old 12-09-2011, 07:26 AM   #4
eSelix
Senior Member
 
Registered: Oct 2009
Location: Wroclaw, Poland
Distribution: Arch, Kubuntu
Posts: 1,281

Rep: Reputation: 320Reputation: 320Reputation: 320Reputation: 320
Quote:
Originally Posted by prushik View Post
iptables -S give no output whatsoever
So, use "iptables -L".

In my opinion better is configure router from beggining, for example, I have only lo, eth0 and wifi0, iptables are clearead and only my own rules are inserted. Check your /etc/network/interfaces and use only these which you need. I don't known DDWRT, but if you have GUI for configuration, maybe you can use it. But I prefer configuration from console.

By the way, you should mask your external IP address from output.
Last edited by eSelix; 12-09-2011 at 07:37 AM.
 
Old 12-09-2011, 09:39 PM   #5
prushik
Member
 
Registered: Mar 2009
Location: Pennsylvania
Distribution: gentoo
Posts: 372

Original Poster
Rep: Reputation: 29
Quote:
Originally Posted by eSelix View Post
So, use "iptables -L".

In my opinion better is configure router from beggining, for example, I have only lo, eth0 and wifi0, iptables are clearead and only my own rules are inserted. Check your /etc/network/interfaces and use only these which you need. I don't known DDWRT, but if you have GUI for configuration, maybe you can use it. But I prefer configuration from console.
I had it set up at one point, then I noticed the problem and reset it, thinking that the problem was caused by something I did. The problem remained after I reset to defaults, which is when I posted here.
However, its strange, a few hours later, everything started working, and is still working now.

Quote:
Originally Posted by eSelix View Post
By the way, you should mask your external IP address from output.
Oops again. didn't even think of that. but really, there's no reason for somebody to attack me here, all my servers and good stuff is still back in the US. Plus, I assume most (if not all) of you guys here are stand up guys, otherwise you wouldn't be hanging around here just to answer people's questions.
 
Old 12-09-2011, 09:45 PM   #6
prushik
Member
 
Registered: Mar 2009
Location: Pennsylvania
Distribution: gentoo
Posts: 372

Original Poster
Rep: Reputation: 29
Quote:
Originally Posted by eSelix View Post
So, use "iptables -L".
Here's what iptables -L looks like. It gave me the information that I think you were looking for.
but since the problem resolved itself, Maybe it was a problem with the ISP here in Korea? That's that's the only thing that makes sense to me now.

Code:
root@DD-WRT:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED 
DROP       udp  --  anywhere             anywhere            udp dpt:route 
DROP       udp  --  anywhere             anywhere            udp dpt:route 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:route 
logaccept  tcp  --  anywhere             DD-WRT              tcp dpt:www 
DROP       icmp --  anywhere             anywhere            
ACCEPT     igmp --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:auth 
ACCEPT     0    --  anywhere             anywhere            state NEW 
logaccept  0    --  anywhere             anywhere            state NEW 
DROP       0    --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     gre  --  192.168.1.0/24       anywhere            
ACCEPT     tcp  --  192.168.1.0/24       anywhere            tcp dpt:1723 
ACCEPT     0    --  anywhere             anywhere            
TCPMSS     tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU 
lan2wan    0    --  anywhere             anywhere            
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     udp  --  anywhere             base-address.mcast.net/4 udp 
TRIGGER    0    --  anywhere             anywhere            TRIGGER type:in match:0 relate:0 
trigger_out  0    --  anywhere             anywhere            
ACCEPT     0    --  anywhere             anywhere            state NEW 
DROP       0    --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain advgrp_1 (0 references)
target     prot opt source               destination         

Chain advgrp_10 (0 references)
target     prot opt source               destination         

Chain advgrp_2 (0 references)
target     prot opt source               destination         

Chain advgrp_3 (0 references)
target     prot opt source               destination         

Chain advgrp_4 (0 references)
target     prot opt source               destination         

Chain advgrp_5 (0 references)
target     prot opt source               destination         

Chain advgrp_6 (0 references)
target     prot opt source               destination         

Chain advgrp_7 (0 references)
target     prot opt source               destination         

Chain advgrp_8 (0 references)
target     prot opt source               destination         

Chain advgrp_9 (0 references)
target     prot opt source               destination         

Chain grp_1 (0 references)
target     prot opt source               destination         

Chain grp_10 (0 references)
target     prot opt source               destination         

Chain grp_2 (0 references)
target     prot opt source               destination         

Chain grp_3 (0 references)
target     prot opt source               destination         

Chain grp_4 (0 references)
target     prot opt source               destination         

Chain grp_5 (0 references)
target     prot opt source               destination         

Chain grp_6 (0 references)
target     prot opt source               destination         

Chain grp_7 (0 references)
target     prot opt source               destination         

Chain grp_8 (0 references)
target     prot opt source               destination         

Chain grp_9 (0 references)
target     prot opt source               destination         

Chain lan2wan (1 references)
target     prot opt source               destination         

Chain logaccept (2 references)
target     prot opt source               destination         
ACCEPT     0    --  anywhere             anywhere            

Chain logdrop (0 references)
target     prot opt source               destination         
DROP       0    --  anywhere             anywhere            

Chain logreject (0 references)
target     prot opt source               destination         
REJECT     tcp  --  anywhere             anywhere            tcp reject-with tcp-reset 

Chain trigger_out (1 references)
target     prot opt source               destination
 
Old 12-10-2011, 01:20 AM   #7
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Moved to Networking.
 
  


Reply

Tags
dd-wrt, ddwrt, dir-300, iptables, router



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how can I connect to a D-link DIR-300 router using command line Tux Rules Linux - Networking 5 04-04-2011 01:31 PM
D-Link DIR-100/300/320 Lexus45 *BSD 1 01-25-2011 06:56 AM
Dell 1525 with fedora 13 and D-Link DIR 300 - no connection Mike Mather Linux - Laptop and Netbook 2 08-25-2010 06:19 PM
Can`t access certain websites theuns247 Linux - Server 4 12-09-2009 02:29 AM
DDWRT Bad Flash HELP PLEASE! bigalexe General 7 05-30-2008 04:48 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:35 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration