ebtables not working on Startup but working fine over telnet

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
afeno
DD-WRT Novice


Joined: 20 Mar 2015
Posts: 13

PostPosted: Fri Mar 20, 2015 14:56    Post subject: ebtables not working on Startup but working fine over telnet Reply with quote
Hello,

I would like to execute a serie of commands during the startup of the router.
My intention is to use the Administration -> Commands -> Startup

But it doesn't work...
However, if I execute the same commands through telnet everything works as expected.

The commands that I want to execute are
Code:
insmod ebtables.o
insmod ebtable_filter.o
insmod /jffs/ebt_pkttype.o
insmod ebt_ip.o
ebtables -A FORWARD -o eth1 -p ipv4 --pkttype-type multicast --ip-source ! 192.168.1.0/255.255.255.0 -j DROP


Does anybody know what could be the reason?

Thank you in advance.
Best Regards,
Alfredo.
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Fri Mar 20, 2015 15:26    Post subject: Reply with quote
This seems more appropriate for the firewall script.
afeno
DD-WRT Novice


Joined: 20 Mar 2015
Posts: 13

PostPosted: Fri Mar 20, 2015 15:36    Post subject: Reply with quote
eibgrad wrote:
This seems more appropriate for the firewall script.


Thank you.
I already tried with the Firewall script but it doesn't work neither...

The problem seems to be with the insmod command that can't be executed from the web interface.

There is any other way to do it?

Thanks,
Alfredo.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Fri Mar 20, 2015 16:02    Post subject: Reply with quote
That doesn't make sense. You say the rules work when executed interactively, but not w/ firewall script. The only difference between the scripts (startup, firewall, etc.) is simply the timing of their execution. It doesn't change the functionality. Perhaps the system needs the full path to the executables.
afeno
DD-WRT Novice


Joined: 20 Mar 2015
Posts: 13

PostPosted: Fri Mar 20, 2015 16:48    Post subject: Reply with quote
eibgrad wrote:
That doesn't make sense. You say the rules work when executed interactively, but not w/ firewall script. The only difference between the scripts (startup, firewall, etc.) is simply the timing of their execution. It doesn't change the functionality. Perhaps the system needs the full path to the executables.


Hi,
For example. This command:
/sbin/insmod /lib/modules/2.4.37/ebtables_filter.o

is executed without problems through telenet but it is not working when I try to execute it through the web ("Run Commands" button, Startup, Firewall, etc.)

For the rest of commands, I have no problem to execute them through the web. ("Run Commands" button, Startup, Firewall, etc.)

That's why I believe that the issue is with the insmod command. I'm lost....

There is no init.d here that I can use? (or autoexec.bat jejeje )
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Fri Mar 20, 2015 17:06    Post subject: Reply with quote
There’s a difference between “executed without problems”, and working. One of the idiosyncrasies of insmod on dd-wrt is that if the module isn’t found or can’t be loaded, it doesn’t report an error. I assume the dd-wrt developers removed the error reporting, as they do w/ many common utilities, to save space.

So I was initially under the impression that when you said it was “working”, that you actually got the results you expected (and not just that it didn’t report any errors). Because if that’s the case, then it makes no sense that it wouldn’t work w/ the firewall script. OTOH, if it’s not actually working, telnet or otherwise, then it probably never loaded the modules in the first place.
afeno
DD-WRT Novice


Joined: 20 Mar 2015
Posts: 13

PostPosted: Fri Mar 20, 2015 17:37    Post subject: Reply with quote
eibgrad wrote:
There’s a difference between “executed without problems”, and working. One of the idiosyncrasies of insmod on dd-wrt is that if the module isn’t found or can’t be loaded, it doesn’t report an error. I assume the dd-wrt developers removed the error reporting, as they do w/ many common utilities, to save space.

So I was initially under the impression that when you said it was “working”, that you actually got the results you expected (and not just that it didn’t report any errors). Because if that’s the case, then it makes no sense that it wouldn’t work w/ the firewall script. OTOH, if it’s not actually working, telnet or otherwise, then it probably never loaded the modules in the first place.


Thank you eibgrad. Sorry for not being clear.
When I say working, I mean that the modules were loaded and the rules added. I determine if it works or not checking the modules loaded after the reboot.

Let me try to simplify the problem.
If I execute this command from telnet:
/sbin/insmod /lib/modules/2.4.37/ebtable_filter.o

The module is loaded and I can use it fine.
If I put the command in the web and I click "Run Commands" it also work fine (module loaded and working fine).

However, If I save the command into the startup and/or firewall, the module is not loaded after the router is rebooted.
I have to do it manually..

Thank you again for your support.

regards,
Alfredo.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Fri Mar 20, 2015 19:15    Post subject: Reply with quote
Wow, this thing is fussy. You attempt to load too soon, don’t specify the path, don’t load in the right order, and it just won’t load! Anyway, the following approach finally worked for me (in the startup script):

Code:
(
set -x
while ! lsmod | grep -qm1 ebtables; do
    sleep 20
    /sbin/insmod ebtables
    /sbin/insmod ebtable_filter
    /sbin/insmod ebt_ip
    /sbin/lsmod
done
) 2>&1 | logger -t $(basename $0)[$$] &


It writes to the syslog, which you can dump with the following:

Code:
cat /var/log/messages | grep rc_startup
afeno
DD-WRT Novice


Joined: 20 Mar 2015
Posts: 13

PostPosted: Sat Mar 21, 2015 10:07    Post subject: Reply with quote
eibgrad wrote:
Wow, this thing is fussy. You attempt to load too soon, don’t specify the path, don’t load in the right order, and it just won’t load! Anyway, the following approach finally worked for me (in the startup script)


Thank you eibgrad!!! You are awesome!!! It is working perfectly.

Thank you a lot for your help. My network is working again Smile

Thanks.
Alfredo.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum