NeoRouter http://www.neorouter.com/forum/ |
|
NR Pro 2.2.0 - Iptables issue http://www.neorouter.com/forum/viewtopic.php?f=8&t=5576 |
Page 1 of 1 |
Author: | kaa4re [ Tue Oct 14, 2014 6:35 am ] |
Post subject: | NR Pro 2.2.0 - Iptables issue |
Hi! I'm having some trobule with iptables. 1. Ubuntu 12.04.2 LTS box, default install, no iptables. 2. Setting up network. 3. Installing latest (2.2.0 pro) nrclient. 4. reboot. All is well, working just fine. 5. Adding iptables-rules. This setup is a bit special, because this is connected via GPRS, I need to limit outgoing traffic. So INPUT:ACCEPT, FORWARD:ACCEPT, OUTPUT:DROP Adding rules to allow output of the following: IP of nr server, DNS lookup, everything through nrtap. 6. starting nrservice. All is well working just fine. 7. Reboot... 8. nrservice NOT starting. 9. Firewall activated as expected. 10. starting nrservice Working Fine. 11. Removing iptables-rules. 12. Reboot. 13. Nrservice still NOT starting.... I've gooogled a whole lot for this, but I don't find anything that suggests why. Even after I've removed the firewall, it still won't start. Point 1. is starting from an Ubuntu image, to make sure I start from the same point, works fin - firewall - no starting at boot... |
Author: | kaa4re [ Tue Oct 14, 2014 10:06 am ] |
Post subject: | Re: NR Pro 2.2.0 - Iptables issue |
For those who might have the same type of issue, i worked out a solution. I incorportated both iptables and NeoRouter in NetworkManager. There is a folder (/etc/NetworkManager/dispatcher.d ) that's used for custom scripts in NM. It seems like neorouter needs to be started after iptables, so i made the following scripts: 02firewall - The iptables script. and 03neorouter - A slightly modified init script for NR. If you configure this right, you can do whatever you want with interfaces, and both NR and iptables will do just fine! All works great! |
Author: | kevinz [ Tue Oct 14, 2014 10:08 am ] |
Post subject: | Re: NR Pro 2.2.0 - Iptables issue |
Hi kaa4re, Can you send us the log file of nrservice so that we can help you to investigate it? Thanks, KevinZ - NeoRouter team |
Page 1 of 1 | All times are UTC - 5 hours |
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |