Hey guys.
I'm running a DD-WRT router (and yes, I've posted this over there, but I think that site is pretty much dead) and for the life of me I cannot get the Xbox One to work, but the Xbox 360 works fine. I keep getting NAT moderate, and it's creating hell for my tenants.
Here's my iptables script, and I warn you now I know not what I do, so if it's totally wrong, please forgive me... :P
Code:
### FIREWALL COMMANDS FOR PUBLIC/PRIVATE SSIDS
#Allow br1 to access DHCP on the router
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
#Allow br1 to access DNS on the router
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT
#Drop everything else on br1
iptables -I INPUT 4 -i br1 -j DROP
#Restrict br1 from accessing br0
iptables -I FORWARD 1 -i br1 -o br0 -j DROP
#Restrict br0 from accessing br1
iptables -I FORWARD 2 -i br0 -o br1 -j DROP
#Allow br1 to access http/https & FTP to internet
iptables -I FORWARD 3 -i br1 -p tcp -m multiport --dports 80,443,21 -j ACCEPT
iptables -I FORWARD 4 -i br1 -m state --state ESTABLISHED,RELATED -j ACCEPT
#Allow access to Hamilton City Schools Schoology site
#https running @ port 8080
# https://schoology.hamiltoncityschools.com:8080
iptables -I FORWARD 3 -i br1 -p tcp -d schoology.hamiltoncityschools.com --dport 8080 -j ACCEPT
#Allow br1 to access xboxlive stuff to internet
iptables -I FORWARD 5 -i br1 -p tcp --dport 3074 -j ACCEPT
iptables -I FORWARD 6 -i br1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD 7 -i br1 -p udp -m multiport --dports 4500,3544,3074,500,88 -j ACCEPT
#Drop everything else on br1
iptables -I FORWARD 8 -i br1 -j DROP
#END
I have two "WAPs", one for my network (BR0) and one for my tenants (BR1). They do not cross-talk, and all data between them is dropped, as you can see by the rules. I'm thinking a drop rule is overriding an allow rule.
Any help would be appreciated. I've been working on this for days and I'm just at my wits' end... What drives me insane is that the 360 works perfectly fine, but the Xbox One doesn't...
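Whether a DROP lands ahead of an ACCEPT depends on how the numbered `-I` insertions stack up, which can be replayed offline. The following is an added example, not part of the original post: it assumes the chains start empty (rules DD-WRT already has would simply sit after the inserted ones), and `simulate` and `after_catch_all` are hypothetical helper names.

```python
import shlex

# The rule lines from the post above, comments dropped.
SCRIPT = """
iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT
iptables -I INPUT 4 -i br1 -j DROP
iptables -I FORWARD 1 -i br1 -o br0 -j DROP
iptables -I FORWARD 2 -i br0 -o br1 -j DROP
iptables -I FORWARD 3 -i br1 -p tcp -m multiport --dports 80,443,21 -j ACCEPT
iptables -I FORWARD 4 -i br1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD 3 -i br1 -p tcp -d schoology.hamiltoncityschools.com --dport 8080 -j ACCEPT
iptables -I FORWARD 5 -i br1 -p tcp --dport 3074 -j ACCEPT
iptables -I FORWARD 6 -i br1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD 7 -i br1 -p udp -m multiport --dports 4500,3544,3074,500,88 -j ACCEPT
iptables -I FORWARD 8 -i br1 -j DROP
"""

def simulate(script, existing=None):
    """Replay 'iptables -I CHAIN [rulenum] ...' lines; return {chain: rules in match order}."""
    chains = {name: list(rules) for name, rules in (existing or {}).items()}
    for line in script.splitlines():
        tok = shlex.split(line, comments=True)
        if len(tok) < 4 or tok[:2] != ["iptables", "-I"]:
            continue
        chain, rest = tok[2], tok[3:]
        pos = 1  # -I with no rule number inserts at the head of the chain
        if rest[0].isdigit():
            pos, rest = int(rest[0]), rest[1:]
        rules = chains.setdefault(chain, [])
        if pos > len(rules) + 1:
            raise ValueError(f"{chain}: index {pos} is past the end of the chain")
        rules.insert(pos - 1, " ".join(rest))
    return chains

def after_catch_all(rules, catch_all="-i br1 -j DROP"):
    """Rules for br1 placed after the catch-all DROP, which br1 traffic never reaches."""
    if catch_all not in rules:
        return []
    cut = rules.index(catch_all)
    return [r for r in rules[cut + 1:] if r.startswith("-i br1 ")]

if __name__ == "__main__":
    for chain, rules in simulate(SCRIPT).items():
        print(chain)
        for n, rule in enumerate(rules, 1):
            print(f"  {n:2} {rule}")
        print("  unreachable for br1:", after_catch_all(rules))
```

On the router itself, `iptables -L FORWARD -n -v --line-numbers` shows the live order together with per-rule packet counters.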