ebtables ebt_pkttype not loadable with insmod

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3, 4  Next
Author Message
BasCom
DD-WRT Guru


Joined: 29 Jul 2009
Posts: 1378
Location: Germany

PostPosted: Thu Feb 06, 2014 21:07    Post subject: Reply with quote
no, youre not. then pick the zip file again.
_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )
Sponsor
dare978devil
DD-WRT Novice


Joined: 23 Jan 2014
Posts: 38

PostPosted: Thu Feb 06, 2014 22:07    Post subject: Reply with quote
I grabbed it from here, however they are all bin files :

ftp://ftp.dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/2014/02-04-2014-r23503/broadcom/

This one was compiled with Linux 2.4.37

I have been having this problem for a while. Every bin of dd-wrt I download for the Linksys WRT54GS seems to be missing that key file, so I can't filter by packet type.

I can install it with a zip, however I can't seem to find the same package in a zip.
BasCom
DD-WRT Guru


Joined: 29 Jul 2009
Posts: 1378
Location: Germany

PostPosted: Fri Feb 07, 2014 0:21    Post subject: Reply with quote
Quote:
I can install it with a zip, however I can't seem to find the same package in a zip.


i do not understand. pick the zip i provide here

_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )
dare978devil
DD-WRT Novice


Joined: 23 Jan 2014
Posts: 38

PostPosted: Fri Feb 07, 2014 0:26    Post subject: Reply with quote
Ah, gotcha. OK, I'll winSCP the zip to the /tmp directory. Sorry, thought you meant that there was a zip of the entire package I downloaded.
dare978devil
DD-WRT Novice


Joined: 23 Jan 2014
Posts: 38

PostPosted: Fri Feb 07, 2014 0:46    Post subject: Reply with quote
Ok done. I upped the ebt_pkttype.o to the /tmp directory. Then I added insmod /tmp/ebt_pkttype to the commands. The router is happy with it (no errors when running in command window), but the commands are not being taken into account. IPTV is still demolishing wifi.
BasCom
DD-WRT Guru


Joined: 29 Jul 2009
Posts: 1378
Location: Germany

PostPosted: Fri Feb 07, 2014 2:01    Post subject: Reply with quote
Try the commands via console.. try insmod with full module name. Means dont forget .o wireless is really eth1? Use -p ipv4 with ebtables command

Works for me

_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )
dare978devil
DD-WRT Novice


Joined: 23 Jan 2014
Posts: 38

PostPosted: Fri Feb 07, 2014 13:20    Post subject: Reply with quote
When I go to Status - Wireless - Wireless Nodes, I can see 3 clients are connected at various TX rates. All are showing eth1 as the interface.

I have changed the startup commands to this :

insmod ebtables.o
insmod ebtable_filter.o
insmod /tmp/ebt_pkttype.o
ebtables -A FORWARD -o "eth1" -p ipv4 --pkttype-type multicast -j DROP
ebtables -A OUTPUT -o "eth1" -p ipv4 --pkttype-type multicast -j DROP

Running these in the command window does not produce an error (nor screen output). I saved them in as Startup and rebooted the modem (via Admin - Reboot).

Then I turn off wireless on the basement Sagecom so that the only wifi connection available is the Linksys Access Point. Finally, I turn on IPTV. I can't even connect to wifi upstairs when standing half a meter from the Linksys. The WLAN port light is going ballistic, flashing as fast as it can. The iPhone comes up with a message saying it cannot connect to the network. I then turn off IPTV, and wait a few seconds, the WLAN light slows to normal, and now I can connect. Wifi is fast and responsive. I did this a few times to be sure, as soon as IPTV is on, the WLAN light flashes like crazy, and wifi is all but lost. It does seem to be slightly better than it was before because it does sometimes eventually open sites such as Google or Apple.com, whereas previously it would just time out every single time. I think it was because both of those sites had little on their front page, if I tried something like ibm.com it would just time out. Also, Status - Wireless is showing very few TX packet errors (749 to be precise against 63K OK), whereas previously there were hundreds of thousands of errors.

The ethernet cable to the Access Point is plugged into LAN4 (not the WLAN port), and is then connected to an Asus GX-D1081 GB switch. I plugged the ethernet cable from the Access Port into the VIP port on the switch, hoping it would prioritize packets coming from the AP. An ethernet cable from the basement runs up to one of the other LAN ports on the switch, providing wired internet to the IPTV, Wii, XBOX, and PS3 (as well as the AP).

I am encouraged by the lack of TX errors. In troubleshooting this problem, I would very often see only 12-14% of packets be listed as OK against 86-88% listed as errors. Now only 1% result in errors. However, wifi is still not working when IPTV is on.

Thanks.
BasCom
DD-WRT Guru


Joined: 29 Jul 2009
Posts: 1378
Location: Germany

PostPosted: Fri Feb 07, 2014 15:33    Post subject: Reply with quote
this is my command i do use. but i have no wrt54gs Smile

insmod ebtables
insmod ebtable_filter
insmod ebt_pkttype
insmod ebt_ip
ebtables -A FORWARD -o eth1 -p ipv4 --pkttype-type multicast --ip-source ! 192.168.0.0/255.255.255.0 -j DROP
ebtables -A FORWARD -o eth2 -p ipv4 --pkttype-type multicast --ip-source ! 192.168.0.0/255.255.255.0 -j DROP

_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )
dare978devil
DD-WRT Novice


Joined: 23 Jan 2014
Posts: 38

PostPosted: Fri Feb 07, 2014 17:12    Post subject: Reply with quote
Thanks for that. I tried your exact startup script, except I changed the IP listed because I am on the 2 subnet :

insmod ebtables.o
insmod ebtable_filter.o
insmod /tmp/ebt_pkttype.o
insmod ebt_ip.o
ebtables -A FORWARD -o eth1 -p ipv4 --pkttype-type multicast --ip-source ! 192.168.2.0/255.255.255.0 -j DROP
ebtables -A FORWARD -o eth2 -p ipv4 --pkttype-type multicast --ip-source ! 192.168.2.0/255.255.255.0 -j DROP

But still the same. No errors in the command window when I run it, but also no wifi with IPTV on.

Maybe my environment is setup incorrectly. I am running ethernet from the Sagecom in the basement, to an 8-port switch. To that switch, I have attached the Linksys as well as the IPTV. That means multicast UDP is sent out to every device, through the switch, and is getting to the Access Point. It was my understanding that the problem between IPTV and wireless is that the Access Point then dutifully rebroadcasts the multicast UDP out to all wireless clients, thereby flooding the wireless network. So if I prevent the rebroadcast, wireless devices should be able to communicate with the Access Point. But I do not run a DHCP server, nor DNS or anything else on that access point, it still has to get all the info from the Sagecom.

The switch is unmanaged, it just keeps traffic flowing. I could buy a managed switch and ensure multicast traffic is only routed to the IPTV PVR, but I am sure this must somehow work with what I have.
BasCom
DD-WRT Guru


Joined: 29 Jul 2009
Posts: 1378
Location: Germany

PostPosted: Fri Feb 07, 2014 20:23    Post subject: Reply with quote
so, if you do not use iptv on the GS device, you may block multicast completely.

security -> filter multicast.

give output:

ifconfig

and ebtables -L

_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )
dare978devil
DD-WRT Novice


Joined: 23 Jan 2014
Posts: 38

PostPosted: Fri Feb 07, 2014 23:23    Post subject: Reply with quote
Ah, didn't realize that option filtered all multicast, it has been on the whole time (meaning I was wasting my time trying to get this rule right).

ifconfig output :
br0 Link encap:Ethernet HWaddr 00:0F:66:xx:xx:xx
inet addr:192.168.2.8 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2964731 errors:0 dropped:0 overruns:0 frame:0
TX packets:33903 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3896833794 (3.6 GiB) TX bytes:15150530 (14.4 MiB)
br0:0 Link encap:Ethernet HWaddr 00:0F:66:xx:xx:xx
inet addr:169:xx:xx:xx Bcast:169.254.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth0 Link encap:Ethernet HWaddr 00:0F:66:xx:xx:xx
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3267104 errors:0 dropped:0 overruns:0 frame:0
TX packets:359791 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4176053457 (3.8 GiB) TX bytes:95941524 (91.4 MiB)
Interrupt:5
eth1 Link encap:Ethernet HWaddr 00:0F:66:xx:xx:xx
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:323242 errors:0 dropped:0 overruns:0 frame:701372
TX packets:782086 errors:4464 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:77003595 (73.4 MiB) TX bytes:797367095 (760.4 MiB)
Interrupt:4 Base address:0x1000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vlan0 Link encap:Ethernet HWaddr 00:0F:66:xx:xx:xx
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3267079 errors:0 dropped:0 overruns:0 frame:0
TX packets:357255 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4116465378 (3.8 GiB) TX bytes:93576042 (89.2 MiB)
vlan1 Link encap:Ethernet HWaddr 00:0F:66:xx:xx:xx
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:2538 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:878148 (857.5 KiB)




ebtables -L
Bridge table: filter
Bridge chain: INPUT, entries: 0, policy: ACCEPT
Bridge chain: FORWARD, entries: 0, policy: ACCEPT
Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
BasCom
DD-WRT Guru


Joined: 29 Jul 2009
Posts: 1378
Location: Germany

PostPosted: Fri Feb 07, 2014 23:33    Post subject: Reply with quote
no, it just drops mcast fpr br0 if i remeber right.

your ebtables rules are empty. so, no blocking at all.

_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )
dare978devil
DD-WRT Novice


Joined: 23 Jan 2014
Posts: 38

PostPosted: Sat Feb 08, 2014 13:32    Post subject: Reply with quote
Ah I see (said the blind man). So I am guessing it is not taking into account the ebt_pkttype.o module as that would be required for multicast packet filtering. I am inserting it via :

insmod ebt_/tmp/pkttype.so

Is there a better way to do it? It seems that all of the bins I have tried for Broadcom, they never have this module. Maybe that means it doesn't work for Broadcom.....
BasCom
DD-WRT Guru


Joined: 29 Jul 2009
Posts: 1378
Location: Germany

PostPosted: Sat Feb 08, 2014 15:04    Post subject: Reply with quote
no, it works for broadcom.

you may have a look into syslog. you can also offer me account data with a noob password and i will have a look.

_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )
dare978devil
DD-WRT Novice


Joined: 23 Jan 2014
Posts: 38

PostPosted: Sat Feb 08, 2014 21:43    Post subject: Reply with quote
I seem to have gremlins loose in my router. The last time I rebooted my router, it deleted the ebt_pkttype.o from the /tmp folder. Since it was no longer there, and insert module never tells you that it couldn't insert the module, most of today's tests were a waste of time.

I finally figured out it had vanished from the /tmp folder, and put it back with WinSCP. I actually had the command working briefly. I ran this :

insmod ebtables.o
insmod ebtable_filter.o
insmod /tmp/ebt_pkttype.o
insmod ebt_ip.o
ebtables -A FORWARD -o "eth1" -p ipv4 --pkttype-type multicast --ip-source ! 192.168.2.0/255.255.255.0 -j DROP

That did not work. Then for fun, I removed the insert module line for the ebt_pkttype.o line. Suddenly, it worked. It accepted the entire command and when I ran ebtables -L, it showed that it was running the command. When I went upstairs, I had wifi with the TV on. So I came back downstairs, and copied that command (minus the insmod ebt_pkttype.o line) into startup, and rebooted.

It stopped working. When I checked via telnet, the router had deleted the module again from tmp. I put it back, but now whenever I run the same command, it comes up and tells me that "The kernel doesn't support a certain ebtables extension". If I remove the part of the line concerning pkttype, it is happy. Clearly the ebt_pkttype is no longer loading correctly.

A few questions :
- Why does it delete the file every time I reboot the router from /tmp ?
- This file worked briefly. I had full wifi with the TV on, and wifi off in the basement. I was using my son's iPod (no cellular), and had my daughter test on her ipod. It worked. Now it refuses to load that module again. How is that possible?

Thanks.
Goto page Previous  1, 2, 3, 4  Next Display posts from previous:    Page 2 of 4
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum