Hi,
my firewall configuration set the default forward policy to reject and wan
forward to drop.
iptable -L -v
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
330K 276M forwarding_rule all -- any any anywhere anywhere
/* !fw3: user chain for forwarding */
325K 276M ACCEPT all -- any any anywhere anywhere ctstate
RELATED,ESTABLISHED /* !fw3 */
3035 200K zone_lan_forward all -- br-lan any anywhere anywhere
/* !fw3 */
483 21304 zone_wan_forward all -- pppoe-wan any anywhere anywhere
/* !fw3 */
167 10623 zone_guest1_forward all -- br-guest1 any anywhere anywhere
/* !fw3 */
...
34 2040 reject all -- any any anywhere anywhere
/* !fw3 */
Chain zone_wan_forward (1 references)
pkts bytes target prot opt in out source destination
483 21304 forwarding_wan_rule all -- any any anywhere anywhere
/* !fw3: user chain for forwarding */
483 21304 ACCEPT all -- any any anywhere anywhere ctstate DNAT
/* !fw3: Accept port forwards */
0 0 zone_wan_dest_DROP all -- any any anywhere anywhere
/* !fw3 */
Chain zone_wan_dest_DROP (9 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any pppoe-wan anywhere anywhere /*
!fw3 */
I expect, that the last line in zone_wan_forward is a drop rule with 'out' set
to 'any' and not 'out' set to
'pppoe-wan'. The same occurs for ipv6.
Regards,
Hartmut
_______________________________________________
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev
