Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

no snat rule in the up.sh and down.sh #558

Open
pan2za opened this issue Sep 13, 2022 · 5 comments
Open

no snat rule in the up.sh and down.sh #558

pan2za opened this issue Sep 13, 2022 · 5 comments

Comments

@pan2za
Copy link

pan2za commented Sep 13, 2022

should add snat rule for up.sh and down.sh
@pan2za
Copy link
Author

pan2za commented Sep 13, 2022 

iptables -F POSTROUTING -t nat
iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE

@yumarca
Copy link

yumarca commented Dec 27, 2022

what is the purpose of this rule ?

@pan2za
Copy link
Author

pan2za commented Dec 28, 2022

when the wanif is up, snat should be enabled simultaneously

@yumarca
Copy link

yumarca commented Dec 28, 2022

OK . I have a problem setting download upload bw limits when I use https://coova.github.io/mail-archive/chilli/2010-April/001239.html David's recipe. Do you have any idea how can I do it ?

My up.sh looks like
#!/bin/sh

iptables -I FORWARD -o eth0 --src 10.0.0.0/8 -m coova --name chilli -j ACCEPT
iptables -I FORWARD -i eth0 --dst 10.0.0.0/8 -m coova --name chilli --dest -j ACCEPT

iptables -I FORWARD --src 11.0.0.0/8 -j ACCEPT
iptables -I FORWARD --dst 11.0.0.0/8 -j ACCEPT

chilli_query list
40-A5-EF-EF-A2-EB 0.0.0.0 none 167221675400000002 0 - 0/0 0/0 0/0 0/0 0 0 0/0 0/0 -
82-3B-A8-A0-04-2D 10.1.0.11 pass 167221581300000003 1 82-3B-A8-A0-04-2D 1740/0 1/900 189368937/0 20547455/0 0 0 0/0 0/0 -
E0-E1-A9-2C-1D-1B 10.1.0.10 dnat 167221579100000001 0 E0-E1-A9-2C-1D-1B 0/0 0/0 0/0 0/0 0 0 0/0 0/0 -

as you can see bwup bwdown looks 0

cat /proc/net/coova/chilli
mac=82-3B-A8-A0-04-2D src=10.1.0.11 state=1 bin=20900593 bout=197089968 pin=113177 pout=165057
mac=E0-E1-A9-2C-1D-1B src=10.1.0.10 state=0 bin=0 bout=0 pin=0 pout=0

network config

config interface 'loopback'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
option device 'lo'

config globals 'globals'
option packet_steering '1'

config interface 'wan'
option proto 'dhcp'
option device 'eth0'

config interface 'vlan705'
option device 'eth1.705'
option proto 'static'
option ipaddr '10.1.0.1'
option netmask '255.255.0.0'

chilli config

config chilli
option interval '3600'
option txqlen '1000'
option sndbuf '2097152'
option rcvbuf '2097152'
option ipup '/etc/chilli/up.sh'
option ipdown '/etc/chilli/down.sh'
option radiusserver1 'xxxxxxxxxxxxx'
option radiusserver2 '31.145.254.83'
option radiusnasid 'hs_7_2_1'
option radiussecret 'xxxxxxxx'
option dns1 '1.1.1.1'
option dns2 '8.8.8.8'
option uamport '3990'
option uamuiport '4990'
option uamaliasname 'chilli'
option papalwaysok '1'
option acctupdate '1'
option uamsecret 'xxxxxxxxxxx'
option tundev 'tap1'
option usetap '1'
option dhcpif 'eth1.705'
option lease '900'
option dhcpstart '10'
option uamlisten '11.1.0.1'
option dhcplisten '10.1.0.1'
option net '10.1.0.0/16'
option dynip '10.1.0.0/24'
option statip '10.1.1.0/24'
option maxclients '2000'
option kname 'chilli'
option uamanyip '1'
option macauth '1'
option macpasswd 'password'
option uamallowed 'xxxxxxxxxxxxxxxxxxxxxt'
option uamserver 'https://xxxxdefault.aspx'

I appreciate any advise .

@pan2za
Copy link
Author

pan2za commented Apr 7, 2024

nope. still snat is needed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pan2za @yumarca