[HamWAN PSDR] AMPRnet tunnel outage

Dean Gibson AE7Q hamwan at ae7q.com
Thu Apr 10 19:23:18 PDT 2014 

On 2014-04-10 19:03, Bart Kus wrote:
>
> Yes, absolutely sure:
Ok, just checking

> Can you show your modem's routing table and firewall here?  (/ip route 
> print; /ip firewall export)

  > /ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r 
- rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
  #      DST-ADDRESS        PREF-SRC GATEWAY            DISTANCE
  0 ADS  0.0.0.0/0 44.24.240.161             1
  1 ADC  44.24.240.160/28   44.24.240.173 wlan1-gateway             0
  2 ADC  192.168.0.0/18     192.168.3.251 ether1-local              0

 > /ip firewall export
# apr/10/2014 19:20:59 by RouterOS 6.10
# software id = LTNR-CTND
#
/ip firewall filter
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established
add chain=input comment="default configuration" connection-state=related
add chain=input dst-port=53 in-interface=wlan1-gateway protocol=udp
add chain=input dst-port=53,80 in-interface=wlan1-gateway protocol=tcp
add action=drop chain=input comment="default configuration" 
in-interface=wlan1-gateway
add chain=forward comment="default configuration" 
connection-state=established
add chain=forward comment="default configuration" connection-state=related
add chain=forward dst-port=53 in-interface=wlan1-gateway protocol=udp
add chain=forward dst-port=53,80 in-interface=wlan1-gateway protocol=tcp
add action=drop chain=forward comment="default configuration" 
connection-state=invalid
/ip firewall mangle
add action=change-mss chain=output new-mss=1378 protocol=tcp 
tcp-flags=syn tcp-mss=!0-1378
add action=change-mss chain=forward new-mss=1378 protocol=tcp 
tcp-flags=syn tcp-mss=!0-1378
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" 
out-interface=wlan1-gateway to-addresses=0.0.0.0
add action=masquerade chain=srcnat dst-port=53 
out-interface=ether1-local protocol=udp to-addresses=192.168.0.250
add action=masquerade chain=srcnat dst-port=53,80 
out-interface=ether1-local protocol=tcp to-addresses=192.168.0.250
add action=dst-nat chain=dstnat dst-port=53 in-interface=wlan1-gateway 
protocol=udp to-addresses=192.168.0.250
add action=dst-nat chain=dstnat dst-port=53,80 
in-interface=wlan1-gateway protocol=tcp to-addresses=192.168.0.250

Happy hunting ...


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.hamwan.net/pipermail/psdr/attachments/20140410/62523262/attachment.html>

More information about the PSDR mailing list