[CoovaChilli] DDWRT: isolated LAN clients

Brian Andrews brian at andrews.org.nz
Thu Jun 16 21:46:14 BST 2016


We’ve seen the same kind of thing with a different Atheros (QCA) switch.  You need to mess around with the switch port settings:

e.g.

swconfig dev eth1 set enable_vlan 1 
swconfig dev eth1 set apply 

http://www.dd-wrt.com/phpBB2/viewtopic.php?p=938987&sid=a7a39211c80720cd37417496c5ace691 <http://www.dd-wrt.com/phpBB2/viewtopic.php?p=938987&sid=a7a39211c80720cd37417496c5ace691>

-
brian

> On 17/06/2016, at 4:24 AM, Lorenzo Milesi <maxxer at ufficyo.com> wrote:
> 
> Hi. 
> I found an odd behavior I cannot figure out. I'm using DDWRT v3.0-r29193 std (03/02/16) on TP-Link TL-WR841ND v10. If I enable Chilli (which I have to do via scripts) the LAN ports become isolated, which means two clients connected via cable cannot communicate each other. 
> 
> I didn't find any option which could affect this, nor anything else, so I ended up having a look at Coova, but neither here I cannot find an option which could lock inter client communication.
> 
> 
> This is the iptables script fired up when chilli is starting: 
> 
> Code:
> 
> #!/bin/sh 
> iptables -D INPUT -i tun0 -j ACCEPT 
> iptables -D FORWARD -i tun0 -j ACCEPT 
> iptables -D FORWARD -o tun0 -j ACCEPT 
> iptables -I INPUT -i tun0 -j ACCEPT 
> iptables -I FORWARD -i tun0 -j ACCEPT 
> iptables -I FORWARD -o tun0 -j ACCEPT 
> iptables -t nat -D POSTROUTING -o eth1 -s 192.168.182.0/24 -j SNAT --to-source=$WANIP 
> iptables -t nat -I POSTROUTING -o eth1 -s 192.168.182.0/24 -j SNAT --to-source=$WANIP 
> echo 1 > /proc/sys/net/ipv4/conf/br0/rp_filter 
> 
> 
> What could be isolating LAN clients? 
> thanks
> 
> -- 
> Lorenzo Milesi - lorenzo.milesi at yetopen.it
> 
> YetOpen S.r.l. - http://www.yetopen.it/
> _______________________________________________
> CoovaChilli mailing list
> CoovaChilli at brightonchilli.org.uk
> https://www.brightonchilli.org.uk/mailman/listinfo/coovachilli



More information about the CoovaChilli mailing list