Welcome, Guest. Please login or register.

Recent Posts

Pages: 1 [2] 3 4 ... 10
11
Firewall/NAT / Re: NAT Port Fowarding Ranges Not Workig Correctly
« Last post by andywhite on August 10, 2019, 01:47:35 PM »
Please try r168
12
Firewall/NAT / Re: NAT Port Fowarding Ranges Not Workig Correctly
« Last post by tuaris on August 01, 2019, 08:11:18 AM »
I just tested in on a different device that is on 2.11.1b167 and it's the same behavior.
13
Firewall/NAT / NAT Port Fowarding Ranges Not Workig Correctly
« Last post by tuaris on August 01, 2019, 08:05:02 AM »
Looks like (at least on build 156) when setting up a Firewall: NAT forwarding rule using a range of ports, only the first port is used as the destination. 

For example I want to create a new rule to forward ports 5269 to 5271 to the internal client 192.168.0.2

- In the "External port range" field I put in 5269 in the first box and 5271 in the second.
- In the "NAT IP" field I put 192.168.0.2
- In the "Local port" field I enter 5269.
- I click save and the corresponding Firewall rules to allow the traffic on this port range are created correctly.

The expected result is that the end port will be calculated automatically so an traffic going to port 5270 will be redirected to 192.168.0.2:5270
The actual result is traffic destined for port 5270 is being redirected to 192.168.0.2:5269

This can be demonstrated with netcat

On: 192.168.0.2 start up two netcat processes
Code: [Select]
```
# nc -l 5270
```
```
# nc -l 5269
```

On an external client make the connection (X.X.X.X is the public IP of the t1n1wall):
Code: [Select]
```
nc X.X.X.X 5270
```

In the t1n1wall log, note the destination port
Code: [Select]
```
Aug  1 02:57:32 <local0.info> stargate pfmon[86]: 02:57:31.881624 em0 @50 pass X.X.X.X,13376 -> 192.168.0.2,5269 PR tcp len 20 40 -S in match
```

On the external client, send some data
Code: [Select]
```
nc X.X.X.X 5270
Test
```

The data is received on the netcat process listening on port 5269:
Code: [Select]
```
# nc -l 5270
```
```
# nc -l 5269
Test
```
14
newer APU's , APU2/APU3 , use a different hardware interface to the sd card.

r167 has this driver, can you test, hopefully it just works :)
15
Hi,

Can you post the full boot log ?

looking back at that bug, I think it couldn't find the SD device either due to not waiting long enough or a kernel change.

I don't have easy access to an APU thats not in use. you should see the SD device and controller during boot

Code: [Select]
umass0: <Generic Flash Card ReaderWriter, class 0/0, rev 2.01/1.00, addr 2> on usbus6
da0: <Multiple Card  Reader 1.00> Removable Direct Access SCSI-4 device
16
This is with the 2.11.1b165 image for AMD64.  I've tried it with different SD cards, both were new.  It looks like this problem: https://sourceforge.net/p/t1n1wall/bugs/13/

Code: [Select]
cpu_reset: Stopping other CPUs
PCEngines apu2
coreboot build 20160307
-2064 MB DRAM

SeaBIOS (version ?-20160307_153453-michael-desktop64)
Found mainboard PC Engines PCEngines apu2
multiboot: eax=0, ebx=0
boot order:
1: /[email protected]/[email protected]/usb-*@1
2: /[email protected]/[email protected]/usb-*@2
3: /[email protected]/[email protected]/usb-*@3
4: /[email protected]/[email protected]/usb-*@4
5: /[email protected]/*@14,7
6: /[email protected]/*@11/[email protected]/[email protected]
7: /[email protected]/*@11/[email protected]/[email protected]
8: /[email protected]/pxe.rom
9: pxen0
10: scon1
11:
Found 19 PCI devices (max PCI bus is 02)
Copying SMBIOS entry point from 0x77fb7000 to 0x000f3110
Copying ACPI RSDP from 0x77fb8000 to 0x000f30e0
Copying MPTABLE from 0x77fdc000/77fdc010 to 0x000f2f30
Copying PIR from 0x77fdd000 to 0x000f2f00
Using pmtimer, ioport 0x818
Scan for VGA option rom
Running option rom at c000:0003

Google, Inc.
Serial Graphics Adapter 08/22/15
SGABIOS $Id: sgabios.S 8 2010-04-22 00:03:40Z nlaredo $ ([email protected]) Sat Aug 22 09:25:30 UTC 2015
Term: 80x24
IO4 0
Turning on vga text mode console
SeaBIOS (version ?-20160307_153453-michael-desktop64)
XHCI init on dev 00:10.0: regs @ 0xfeb22000, 4 ports, 32 slots, 32 byte contexts
XHCI    extcap 0x1 @ feb22500
XHCI    protocol USB  3.00, 2 ports (offset 1), def 0
XHCI    protocol USB  2.00, 2 ports (offset 3), def 10
XHCI    extcap 0xa @ feb22540
Found 2 serial ports
ATA controller 1 at 3010/3020/0 (irq 0 dev 88)
EHCI init on dev 00:13.0 (regs=0xfeb25420)
ATA controller 2 at 3018/3024/0 (irq 0 dev 88)
Searching bootorder for: /[email protected]/*@14,7
Searching bootorder for: /[email protected]/memtest
Searching bootorder for: /[email protected]/setup
Found sdcard at 0xfeb25500: SD card SL08G 7580MiB
XHCI no devices found
Initialized USB HUB (0 ports used)
All threads complete.
Scan for option roms
PCengines Press F10 key now for boot menu:
Select boot device:

1. SD card SL08G 7580MiB
2. Payload [memtest]
3. Payload [setup]

Searching bootorder for: HALT
drive 0x000f2e90: PCHS=0/0/0 translation=lba LCHS=966/255/63 s=15523840
Space available for UMB: c1000-ef000, f0000-f2e90
Returned 262144 bytes of ZoneHigh
e820 map has 6 items:
  0: 0000000000000000 - 000000000009f800 = 1 RAM
  1: 000000000009f800 - 00000000000a0000 = 2 RESERVED
  2: 00000000000f0000 - 0000000000100000 = 2 RESERVED
  3: 0000000000100000 - 0000000077fae000 = 1 RAM
  4: 0000000077fae000 - 0000000078000000 = 2 RESERVED
  5: 00000000f8000000 - 00000000fc000000 = 2 RESERVED
enter handle_19:
  NULL
Booting from Hard Disk...
Booting from 0000:7c00
/kernel text=0xb779a8 data=0xe6090+0x310568 -
/mfsroot size=0x1c12000
Copyright (c) 1992-2018 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 11.2-RELEASE-p11 #349641: Tue Jul 16 22:56:32 IST 2019

-snip-

Code: [Select]
md0: Preloaded image </mfsroot> 29433856 bytes at 0xffffffff8136dfa0
usbus0: 480Mbps High Speed USB v2.0
ugen0.1: <AMD EHCI root HUB> at usbus0
uhub0: <AMD EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus0
g_access(944): provider md0a has error 6 set
g_access(944): provider md0a has error 6 set
g_access(944): provider md0a has error 6 set
uhub0: 2 ports with 2 removable, self powered
ugen0.2: <vendor 0x0438 product 0x7900> at usbus0
uhub1 on uhub0
uhub1: <vendor 0x0438 product 0x7900, class 9/0, rev 2.00/0.18, addr 2> on usbus0
uhub1: 4 ports with 4 removable, self powered
SMP: AP CPU #1 Launched!
SMP: AP CPU #3 Launched!
SMP: AP CPU #2 Launched!
Timecounter "TSC" frequency 998149877 Hz quality 1000
Trying to mount root from ufs:/dev/md0 []...
random: unblocking device.
kern.coredump: 1 -> 0
net.enc.in.ipsec_filter_mask: 1 -> 2
Configuration device not found; trying again in 5 seconds (2 attempt(s) left)...
Configuration device not found; trying again in 5 seconds (1 attempt(s) left)...


****************************Waiting (max 60 seconds) for system process `vnlru' to stop... done
Waiting (max 60 seconds) for system process `bufdaemon' to stop... done
Wai
Syncing disksting (max 60 se, vnodes remainconds) for system process `syncer' toing... 0  stop... 0 done
All buffers synced.
Uptime: 34s
uhub1: detached

The operating system has halted.
Please press any key to reboot.
17
General Questions / Re: Setting up for Local Development
« Last post by andywhite on July 05, 2019, 12:37:49 AM »
i've fixed them
18
General Questions / Re: Setting up for Local Development
« Last post by andywhite on July 03, 2019, 11:54:53 PM »
Those errors are harmless, they are because those perl scripts weren't intended for a single binary like t1n1box.  I should fix up those errors....
19
VPN / Re: PPTP VPN Not Accepting conections and L2TP Breaks Site-to-Site
« Last post by andywhite on July 03, 2019, 11:52:34 PM »
latest version should fix pptp and l2tp problems
20
VPN / Re: PPTP VPN Not Accepting conections and L2TP Breaks Site-to-Site
« Last post by andywhite on June 21, 2019, 11:13:51 PM »
Are your ipsec tunnels aggressive or main mode ?  There was a bug in the past for using aggressive mode tunnels with l2tp. It was fixed and then a bug raised with freebsd to fix.  When it was fixed upstream the fix was removed from t1n1wall as upstream would have been used

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203308
Pages: 1 [2] 3 4 ... 10