[no ics and webif bricks fon]

Been at this most of the day again...... <_<

If I use the settings static ip and bridged connection in webif I can get " half-internet" and a connected client will show an IP and mac address in the jasager interface. (ip used 192.168.0.2)

If I use the settings DHCP and bridged connection in webif I can get "half internet" but a connected client only shows a mac address NOT any IP in the jasager interface. (ip used 192.168.0.250)

:)

However on a brighter note I mentioned earlier that when I used webif to change the DHCP and IP settings and applied them I lost access to the fon.

Do this to regain access:

plug the fon into your router and go to your router log in page....Browse "connected devices" and you will see the fon and the Ip it was assigned....use this ip to regain access to webif,jasager,putty etc.

I am now at a total loss as to why I can only get "half internet".....even after a fresh flashing??

oh woe is me....lol HELP!!!!

remove webgui and you should have eough room http://www.frontiernet.net/~beakmyn/Jasage...pt_Install.html

[no ics and webif bricks fon]

:( back again! lol

I can now connect to the internet with my home pc through the fon but the only thing I can connect to is google...lol. Any other web sites I try to view start to do so and the load bar goes about half way up....then failure with nothing visible on screen. I have looked through webif gui and can see that in "system" a warning to install NTP client is visible. Don't know if that would make a difference but I can't install it via webif gui anyway.

I have had a sim experience with 1/2 internet. have you killed iptables binary? i know it seems baffling so i am following threads as more people get to this stage. I am contemplating installing interceptor or at least daemon logger...who knows- i am looking for solutions...keep us updated as to what you find out

[Fonera+ Replicate traffic on second ethernet port]

Why not make it easy on yourself and start new following my guide?

http://www.frontiernet.net/~beakmyn/Jasage...pt_Install.html

Using a Fonera+ you will then be able to plug the WAN into your network and wifi will get DHCP from it. Then you can connect your monitoring machine into the LAN port and sniff the traffic on the Jasager.

have to address space issues is my only hang..I have jasager installed and running and i can ping out from device with full dns resolution. the web gui may be leaving. what is your package list? ipkg status

[Fonera+ Replicate traffic on second ethernet port]

Install Jasager Firmware.

http://www.digininja.org/files/jasager_firmware_1.0.tar.bz2

Gargoyle is using a different kernel revision. The patched wifi drivers might not work.

nstall dnsmasq 2.39-1

Uninstall kernel 2.6.21.5-atheros-1

Uninstall kmod-gpio 2.6.21.5-atheros-1

Uninstall kmod-ipt-extra 2.6.21.5-atheros-1

Uninstall kmod-madwifi 2.6.21.5+r2568-20070710-atheros-2

Uninstall libruby 1.8.6-p36-1

Uninstall ruby 1.8.6-p36-1

Uninstall ruby-core 1.8.6-p36-1

Uninstall ruby-rexml 1.8.6-p36-1

Uninstall webif 0.3-10

Uninstall wireless-tools 29-1

this is what i have installed, i know to uninstall dnsmasq

I have jas v2 @1471

root@linksys:~# uname -a

Linux linksys 2.6.21.5 #1 Mon Dec 1 23:47:40 EST 2008 mips unknown

root@linksys:~# mount

rootfs on / type rootfs (rw)

/dev/root on /rom type squashfs (ro)

none on /proc type proc (rw)

none on /sys type sysfs (rw)

none on /tmp type tmpfs (rw,nosuid,nodev)

tmpfs on /dev type tmpfs (rw)

none on /dev/pts type devpts (rw)

/dev/mtdblock2 on /jffs type jffs2 (rw)

mini_fo:/jffs on / type mini_fo (rw)

root@linksys:~# ipkg status

Package: dnsmasq

Version: 2.39-1

Provides:

Status: install user installed

Architecture: mips

Installed-Time: 1262555813

Package: kernel

Version: 2.6.21.5-atheros-1

Provides:

Status: install ok installed

Architecture: mips

Package: kmod-gpio

Version: 2.6.21.5-atheros-1

Status: install user installed

Architecture: mips

Installed-Time: 946685425

Package: kmod-ipt-extra

Version: 2.6.21.5-atheros-1

Depends: kernel (=2.6.21.5-atheros-1)

Provides:

Status: install user installed

Architecture: mips

Package: kmod-madwifi

Version: 2.6.21.5+r2568-20070710-atheros-2

Depends: kernel (=2.6.21.5-atheros-1), wireless-tools

Provides:

Status: install user installed

Architecture: mips

Package: libruby

Version: 1.8.6-p36-1

Provides:

Status: install user installed

Architecture: mips

Installed-Time: 1237584545

Package: ruby

Version: 1.8.6-p36-1

Depends: libruby

Provides:

Status: install user installed

Architecture: mips

Installed-Time: 1237584676

Package: ruby-core

Version: 1.8.6-p36-1

Depends: ruby

Provides:

Status: install user installed

Architecture: mips

Installed-Time: 1237584935

Package: ruby-rexml

Version: 1.8.6-p36-1

Depends: ruby

Provides:

Status: install user installed

Architecture: mips

Installed-Time: 1237585041

Package: webif

Version: 0.3-10

Depends: haserl

Provides:

Status: install user installed

Architecture: mips

Package: wireless-tools

Version: 29-1

Provides:

Status: install user installed

Architecture: mips

and top

Mem: 11492K used, 2128K free, 0K shrd, 620K buff, 4676K cached

Load average: 0.07 0.10 0.10

PID USER STATUS RSS PPID %CPU %MEM COMMAND

1393 root R 428 1292 1.1 3.1 top

1291 root S 556 702 0.1 4.0 dropbear

1292 root S 520 1291 0.0 3.8 ash

838 root S 520 1 0.0 3.8 S91jasager

840 root S 444 1 0.0 3.2 logwatch

188 root S 404 1 0.0 2.9 logger

1 root S 396 0 0.0 2.9 init

795 nobody S 388 1 0.0 2.8 dnsmasq

199 root S 364 1 0.0 2.6 syslogd

837 root S 332 1 0.0 2.4 logread

702 root S 328 1 0.0 2.4 dropbear

687 root S 324 1 0.0 2.3 crond

836 root S 316 1 0.0 2.3 httpd

839 root S 316 1 0.0 2.3 tail

717 root S 316 1 0.0 2.3 httpd

202 root S 300 1 0.0 2.1 klogd

803 root S 300 1 0.0 2.1 ntpclient

227 root S 268 1 0.0 1.9 hotplug2

190 root S 244 1 0.0 1.7 init

737 root S 216 1 0.0 1.5 udhcpc

41 root SW 0 1 0.0 0.0 mtdblockd

if i do

root@OpenWrt:~# mount.cifs \\\\<ip.of.my.svr>\\<share> /mnt/mount_point -o user="",pass="",dom=<workgroup>

can i run more stuff albeit over a network connection? i probably need it in root though right?

I have jasager working- i connect through wifi and can make it to some sites, ping and dns works fine, hoping this solution works out some of the kinks i have experienced with ics. thanks for the patience. I am going to stay on this til i get it working right.

[Fonera+ Replicate traffic on second ethernet port]

My suggestion: follow the guide. Install the Jasager firmware and go from there. What else are you doing on this Fon that you've run out of space?

On my Fon+ that I've got Jasager, Interceptor and OpenVPN installed I'm only using 28% of the available space.

you mean gargoyle

what are refs to tarpit in syslog there i found this amusing

i have openwrt 7.09 and minimal packages

maybe i partitioned it wrong i think gargoyle will give me back a few megs maybe a better choice

[Fonera+ Replicate traffic on second ethernet port]

Karma IS working. Hamster and Ferret should work also if you run them from the sniffing laptop. Only problem is the sniffing laptop is just that, sniffing. It doesn't have a route to the internet through the Fon. Which is just as well as you'd be adding unwanted traffic. It's best to use a second ethernet connection.

i started to follow howto but quickly realized i have no memory left to install deps and then interceptor. i am running 7.09 on fonera+ should i try to get samba going and mount space that way? any explanation appreciated

Jan 1 00:00:11 (none) syslog.info syslogd started: BusyBox v1.4.2

Jan 1 00:00:11 (none) user.notice kernel: klogd started: BusyBox v1.4.2 (2008-12-01 23:41:48 EST)

Jan 1 00:00:11 (none) user.notice kernel: Linux version 2.6.21.5 (eric@Osiris) (gcc version 4.1.2) #1 Mon Dec 1 23:47:40 EST 2008

Jan 1 00:00:11 (none) user.warn kernel: CPU revision is: 00019064

Jan 1 00:00:11 (none) user.warn kernel: Determined physical RAM map:

Jan 1 00:00:11 (none) user.warn kernel: memory: 01000000 @ 00000000 (usable)

Jan 1 00:00:11 (none) user.info kernel: Initrd not found or empty - disabling initrd

Jan 1 00:00:11 (none) user.debug kernel: On node 0 totalpages: 4096

Jan 1 00:00:11 (none) user.debug kernel: DMA zone: 32 pages used for memmap

Jan 1 00:00:11 (none) user.debug kernel: DMA zone: 0 pages reserved

Jan 1 00:00:12 (none) user.debug kernel: DMA zone: 4064 pages, LIFO batch:0

Jan 1 00:00:12 (none) user.debug kernel: Normal zone: 0 pages used for memmap

Jan 1 00:00:12 (none) user.warn kernel: Built 1 zonelists. Total pages: 4064

Jan 1 00:00:12 (none) user.notice kernel: Kernel command line: console=ttyS0,9600 rootfstype=squashfs,jffs2 init=/etc/preinit

Jan 1 00:00:12 (none) user.warn kernel: Primary instruction cache 16kB, physically tagged, 4-way, linesize 16 bytes.

Jan 1 00:00:12 (none) user.warn kernel: Primary data cache 16kB, 4-way, linesize 16 bytes.

Jan 1 00:00:12 (none) user.info kernel: Synthesized TLB refill handler (20 instructions).

Jan 1 00:00:12 (none) user.info kernel: Synthesized TLB load handler fastpath (32 instructions).

Jan 1 00:00:12 (none) user.info kernel: Synthesized TLB store handler fastpath (32 instructions).

Jan 1 00:00:12 (none) user.info kernel: Synthesized TLB modify handler fastpath (31 instructions).

Jan 1 00:00:12 (none) user.warn kernel: PID hash table entries: 64 (order: 6, 256 bytes)

Jan 1 00:00:12 (none) user.warn kernel: Using 92.000 MHz high precision timer.

Jan 1 00:00:12 (none) user.warn kernel: Dentry cache hash table entries: 2048 (order: 1, 8192 bytes)

Jan 1 00:00:12 (none) user.warn kernel: Inode-cache hash table entries: 1024 (order: 0, 4096 bytes)

Jan 1 00:00:12 (none) user.info kernel: Memory: 13504k/16384k available (1956k kernel code, 2880k reserved, 291k data, 116k init, 0k highmem)

Jan 1 00:00:12 (none) user.debug kernel: Calibrating delay loop... 183.50 BogoMIPS (lpj=917504)

Jan 1 00:00:12 (none) user.warn kernel: Mount-cache hash table entries: 512

Jan 1 00:00:12 (none) user.info kernel: NET: Registered protocol family 16

Jan 1 00:00:12 (none) user.warn kernel: Radio config found at offset 0xf8(0x1f8)

Jan 1 00:00:12 (none) user.info kernel: Time: MIPS clocksource has been installed.

Jan 1 00:00:12 (none) user.info kernel: NET: Registered protocol family 2

Jan 1 00:00:12 (none) user.warn kernel: IP route cache hash table entries: 1024 (order: 0, 4096 bytes)

Jan 1 00:00:12 (none) user.warn kernel: TCP established hash table entries: 512 (order: 0, 4096 bytes)

Jan 1 00:00:12 (none) user.warn kernel: TCP bind hash table entries: 512 (order: -1, 2048 bytes)

Jan 1 00:00:12 (none) user.info kernel: TCP: Hash tables configured (established 512 bind 512)

Jan 1 00:00:12 (none) user.info kernel: TCP reno registered

Jan 1 00:00:12 (none) user.info kernel: squashfs: version 3.0 (2006/03/15) Phillip Lougher

Jan 1 00:00:12 (none) user.warn kernel: Registering mini_fo version $Id$

Jan 1 00:00:12 (none) user.info kernel: JFFS2 version 2.2. (NAND) © 2001-2006 Red Hat, Inc.

Jan 1 00:00:12 (none) user.info kernel: io scheduler noop registered

Jan 1 00:00:12 (none) user.info kernel: io scheduler deadline registered (default)

Jan 1 00:00:12 (none) user.info kernel: Serial: 8250/16550 driver $Revision: 1.90 $ 1 ports, IRQ sharing disabled

Jan 1 00:00:12 (none) user.info kernel: serial8250: ttyS0 at MMIO 0xb1100003 (irq = 37) is a 16550A

Jan 1 00:00:12 (none) user.warn kernel: PHY ID: 0000:0000

Jan 1 00:00:12 (none) user.notice kernel: eth0: Dropping NETIF_F_SG since no checksum feature.

Jan 1 00:00:12 (none) user.warn kernel: eth0: Atheros AR231x: 00:18:84:a3:14:a8, irq 4

Jan 1 00:00:12 (none) user.warn kernel: Initialising Marvell switch... done.

Jan 1 00:00:12 (none) user.notice kernel: cmdlinepart partition parsing not available

Jan 1 00:00:12 (none) user.notice kernel: Searching for RedBoot partition table in spiflash at offset 0x7d0000

Jan 1 00:00:12 (none) user.notice kernel: Searching for RedBoot partition table in spiflash at offset 0x7e0000

Jan 1 00:00:12 (none) user.notice kernel: 5 RedBoot partitions found on MTD device spiflash

Jan 1 00:00:12 (none) user.notice kernel: Creating 5 MTD partitions on "spiflash":

Jan 1 00:00:12 (none) user.notice kernel: 0x00000000-0x00030000 : "RedBoot"

Jan 1 00:00:12 (none) user.notice kernel: 0x00030000-0x00720000 : "rootfs"

Jan 1 00:00:12 (none) user.notice kernel: 0x00260000-0x00720000 : "rootfs_data"

Jan 1 00:00:12 (none) user.notice kernel: 0x00720000-0x007e0000 : "vmlinux.bin.l7"

Jan 1 00:00:12 (none) user.notice kernel: 0x007e0000-0x007ef000 : "FIS directory"

Jan 1 00:00:12 (none) user.notice kernel: 0x007ef000-0x007f0000 : "RedBoot config"

Jan 1 00:00:12 (none) user.warn kernel: nf_conntrack version 0.5.0 (128 buckets, 1024 max)

Jan 1 00:00:12 (none) user.warn kernel: ip_tables: © 2000-2006 Netfilter Core Team

Jan 1 00:00:12 (none) user.info kernel: TCP vegas registered

Jan 1 00:00:12 (none) user.info kernel: NET: Registered protocol family 1

Jan 1 00:00:12 (none) user.info kernel: NET: Registered protocol family 17

Jan 1 00:00:12 (none) user.info kernel: 802.1Q VLAN Support v1.8 Ben Greear <greearb@candelatech.com>

Jan 1 00:00:12 (none) user.info kernel: All bugs added by David S. Miller <davem@redhat.com>

Jan 1 00:00:12 (none) user.warn kernel: VFS: Mounted root (squashfs filesystem) readonly.

Jan 1 00:00:12 (none) user.info kernel: Freeing unused kernel memory: 116k freed

Jan 1 00:00:12 (none) user.warn kernel: Warning: unable to open an initial console.

Jan 1 00:00:12 (none) user.info kernel: eth0: Configuring MAC for full duplex

Jan 1 00:00:12 (none) user.warn kernel: Algorithmics/MIPS FPU Emulator v1.5

Jan 1 00:00:12 (none) user.info kernel: mini_fo: using base directory: /

Jan 1 00:00:12 (none) user.info kernel: mini_fo: using storage directory: /jffs

Jan 1 00:00:12 (none) user.info : syslogd has already been started.

Jan 1 00:00:12 (none) user.info : klogd has already been started.

Jan 1 00:00:14 (none) user.info : uci: Entry not found

Jan 1 00:00:14 (none) user.info kernel: device eth0.0 entered promiscuous mode

Jan 1 00:00:14 (none) user.info kernel: eth0.0: dev_set_promiscuity(master, 1)

Jan 1 00:00:14 (none) user.info kernel: device eth0 entered promiscuous mode

Jan 1 00:00:14 (none) user.debug kernel: eth0.0: add 01:00:5e:00:00:01 mcast address to master interface

Jan 1 00:00:14 (none) user.info kernel: br-lan: port 1(eth0.0) entering learning state

Jan 1 00:00:14 (none) user.info kernel: br-lan: topology change detected, propagating

Jan 1 00:00:14 (none) user.info kernel: br-lan: port 1(eth0.0) entering forwarding state

Jan 1 00:00:15 (none) user.info : uci: Entry not found

Jan 1 00:00:16 (none) user.info : /sbin/hotplug-call: .: 1: Can't open /var/state/network

Jan 1 00:00:16 (none) user.info kernel: PPP generic driver version 2.4.2

Jan 1 00:00:17 (none) user.debug kernel: eth0.1: add 01:00:5e:00:00:01 mcast address to master interface

Jan 1 00:00:17 (none) user.info : uci: Entry not found

Jan 1 00:00:18 (none) user.warn kernel: xt_CHAOS: Warning: Could not find or load "TARPIT" target

Jan 1 00:00:18 (none) user.info kernel: IPP2P v0.8.1_rc1 loading

Jan 1 00:00:18 (none) user.info kernel: IMQ starting with 2 devices...

Jan 1 00:00:18 (none) user.info kernel: IMQ driver loaded successfully.

Jan 1 00:00:18 (none) user.info kernel: ^IHooking IMQ before NAT on PREROUTING.

Jan 1 00:00:18 (none) user.info kernel: ^IHooking IMQ after NAT on POSTROUTING.

Jan 1 00:00:19 (none) user.warn kernel: ipt_time loading

Jan 1 00:00:20 (none) user.info kernel: wlan: 0.8.4.2 (svn r2568)

Jan 1 00:00:20 (none) user.warn kernel: ath_hal: module license 'Proprietary' taints kernel.

Jan 1 00:00:20 (none) user.info kernel: ath_hal: 0.9.30.13 (AR5212, AR5312, RF2316, TX_DESC_SWAP)

Jan 1 00:00:21 (none) user.info kernel: ath_rate_minstrel: Minstrel automatic rate control algorithm 1.2 (svn r2568)

Jan 1 00:00:21 (none) user.info kernel: ath_rate_minstrel: look around rate set to 10%

Jan 1 00:00:21 (none) user.info kernel: ath_rate_minstrel: EWMA rolloff level set to 75%

Jan 1 00:00:21 (none) user.info kernel: ath_rate_minstrel: max segment size in the mrr set to 6000 us

Jan 1 00:00:21 (none) user.info kernel: wlan: mac acl policy registered

Jan 1 00:00:22 (none) user.info kernel: ath_ahb: 0.9.4.5 (svn r2568)

Jan 1 00:00:22 (none) user.info kernel: ath_pci: switching rfkill capability off

Jan 1 00:00:22 (none) user.info kernel: ath_pci: switching per-packet transmit power control off

Jan 1 00:00:22 (none) user.warn kernel: wifi0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps

Jan 1 00:00:22 (none) user.warn kernel: wifi0: 11g rates: 1Mbps 2Mbps 5.5Mbps 11Mbps 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps

Jan 1 00:00:22 (none) user.warn kernel: wifi0: H/W encryption support: WEP AES AES_CCM TKIP

Jan 1 00:00:22 (none) user.warn kernel: wifi0: mac 11.0 phy 4.8 radio 7.0

Jan 1 00:00:22 (none) user.warn kernel: wifi0: Use hw queue 1 for WME_AC_BE traffic

Jan 1 00:00:22 (none) user.warn kernel: wifi0: Use hw queue 0 for WME_AC_BK traffic

Jan 1 00:00:22 (none) user.warn kernel: wifi0: Use hw queue 2 for WME_AC_VI traffic

Jan 1 00:00:22 (none) user.warn kernel: wifi0: Use hw queue 3 for WME_AC_VO traffic

Jan 1 00:00:22 (none) user.warn kernel: wifi0: Use hw queue 8 for CAB traffic

Jan 1 00:00:22 (none) user.warn kernel: wifi0: Use hw queue 9 for beacons

Jan 1 00:00:22 (none) user.warn kernel: wifi0: Driver has Fon Karma 1.0 patches by Robin Wood <dninja@gmail.com> enabled

Jan 1 00:00:22 (none) user.info kernel: wifi0: Atheros 2315 WiSoC: mem=0xb0000000, irq=3

Jan 1 00:00:23 (none) user.info : udhcpc (v1.4.2) started

Jan 1 00:00:25 (none) user.info : uci: Entry not found

Jan 1 00:00:26 (none) user.info : uci: Entry not found

Jan 1 00:00:27 (none) user.info : Sending discover...

Jan 1 00:00:27 (none) user.info : Sending select for 192.168.10.100...

Jan 1 00:00:27 (none) user.info : Lease of 192.168.10.100 obtained, lease time 604800

Jan 1 00:00:28 (none) user.info : /sbin/hotplug-call: .: 1: Can't open /var/state/network

Jan 1 00:00:28 (none) user.info : adding router 192.168.10.2

Jan 1 00:00:28 (none) user.info : deleting old routes

Jan 1 00:00:31 (none) user.info kernel: device ath0 entered promiscuous mode

Jan 1 00:00:31 (none) user.info : device ath0 is already a member of a bridge; can't enslave it to bridge br-lan.

Jan 1 00:00:31 (none) user.info : device br-lan already exists; can't create bridge with the same name

Jan 1 00:00:31 (none) user.info : device ath0 is already a member of a bridge; can't enslave it to bridge br-lan.

Jan 1 00:00:31 (none) user.info kernel: br-lan: port 2(ath0) entering learning state

Jan 1 00:00:31 (none) user.info kernel: br-lan: topology change detected, propagating

Jan 1 00:00:31 (none) user.info kernel: br-lan: port 2(ath0) entering forwarding state

Jan 1 00:00:31 (none) user.info : uci: Entry not found

Jan 1 00:00:31 (none) user.info : uci: Entry not found

Jan 1 00:00:32 (none) user.info : /etc/init.d/rcS: /etc/init.d/rcS: 8: /etc/rc.d/S45firewall: not found

Jan 1 00:00:32 (none) cron.notice crond[650]: crond 2.3.2 dillon, started, log level 8

Jan 1 00:00:32 (none) authpriv.info dropbear[655]: Running in background

Jan 1 00:00:34 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:34 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:34 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:34 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:34 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:35 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:35 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:35 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:35 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:36 (none) user.info : ERROR: no valid monitors defined in config file

Jan 1 00:00:38 (none) user.info : /etc/rc.common: eval: 23: list: not found

Jan 1 00:00:38 (none) user.info : /etc/rc.common: eval: 24: list: not found

Jan 1 00:00:39 (none) daemon.info dnsmasq[787]: started, version 2.39 cachesize 150

Jan 1 00:00:39 (none) daemon.info dnsmasq[787]: compile time options: IPv6 GNU-getopt ISC-leasefile no-DBus no-I18N TFTP

Jan 1 00:00:39 (none) daemon.info dnsmasq[787]: using local addresses only for domain lan

Jan 1 00:00:39 (none) daemon.warn dnsmasq[787]: failed to access /tmp/dhcp.leases: No such file or directory

Jan 1 00:00:39 (none) daemon.info dnsmasq[787]: reading /tmp/resolv.conf.auto

Jan 1 00:00:39 (none) daemon.info dnsmasq[787]: using nameserver 192.168.10.2#53

Jan 1 00:00:39 (none) daemon.info dnsmasq[787]: using local addresses only for domain lan

Jan 1 00:00:39 (none) daemon.info dnsmasq[787]: read /etc/hosts - 1 addresses

Jan 1 00:00:42 (none) user.info : ERROR: No valid dynamic DNS service configurations defined

Jan 1 00:00:42 (none) user.info : (Did you specify correct configuration file path?)

Jan 1 00:00:43 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:43 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:43 (none) user.info : /etc/rc.common: eval: 1: iptables: not found

Jan 1 00:00:43 (none) user.info : /etc/rc.common: /etc/rc.d/S91jasager: 17: Syntax error: end of file unexpected (expecting "}")

Jan 1 00:00:59 (none) user.info : route: resolving 192.168.1.100;

Jan 1 00:00:59 (none) user.info : adding dns 192.168.10.2

Jan 1 00:00:59 (none) user.info : uci: Entry not found

Jan 1 00:01:00 (none) user.info : uci: Entry not found

Jan 1 00:01:00 (none) user.info : uci: Entry not found

Jan 1 00:01:00 (none) user.info : uci: Entry not found

Jan 1 00:01:00 (none) user.info : uci: Entry not found

Jan 1 00:01:00 (none) user.info : uci: Entry not found

Jan 1 00:01:00 (none) user.info : /sbin/hotplug-call: .: 1: Can't open /var/state/network

Feb 2 01:56:23 (none) cron.warn crond[650]: time disparity of 5306515 minutes detected

Feb 2 01:56:23 (none) user.info : ERROR: No valid dynamic DNS service configurations defined

Feb 2 01:56:23 (none) user.info : (Did you specify correct configuration file path?)

Feb 2 01:56:23 (none) user.info : uci: Entry not found

Feb 2 01:56:23 (none) user.info : uci: Entry not found

Feb 2 01:56:23 (none) user.info : uci: Entry not found

Feb 2 01:56:23 (none) user.info : uci: Entry not found

Feb 2 01:56:23 (none) user.info : uci: Entry not found

Feb 2 01:56:23 (none) user.info : uci: Entry not found

Feb 2 01:56:23 (none) user.info : /sbin/hotplug-call: .: 1: Can't open /var/state/network

Feb 2 01:56:24 (none) user.info : ERROR: No valid dynamic DNS service configurations defined

Feb 2 01:56:24 (none) user.info : (Did you specify correct configuration file path?)

[Fonera+ Replicate traffic on second ethernet port]

wow this is huge! thx for the major hackage. major workaround that makes things simpler - probs here getting ics to fully work for me so i am going to try this out soon. please keep updating and documenting. can you get all the other addons running ie hanmster and ferret and karma? appreciate it!

[firestarter ICS bridge routing]

I am sshing to my gateway to make it forward to other subnet...

iptables -L -v locks me out I then ssh again to router and

iptables -P INPUT ACCEPT

iptables -P OUTPUT ACCEPT

iptables -P FORWARD ACCEPT

iptables -L -v locks me out again...maybe i should ssh more directly and not from client....ok i just checked that and no problem- i load up ruleset fine....time to make some alterations.

[firestarter ICS bridge routing]

i am looking at this topic http://hak5.org/forums/index.php?showtopic=10955 good thread....

I have br-lan not br0...I can open ssh on fon and also my wrt54g running openwrt. i can ping out from client but i cannot ping client from gateway(wrt54g). I may flush evrything and just work up the chain.

[firestarter ICS bridge routing]

update: i am running it...it is handing out addys, i may have fixed it so it also hands out gateway, dns is working though my network...i have successfully completed the necessary circuit (google news works great) but other sites do not resolve...they ping and resolve fine i mean but no browser action is happening. I am also into the fon through the wireless client now (it is easy to lock yourself out and lose the ip settings- i just plug in wan and screw around with it and after nmap and wireshark you will zoom in on it. i think i may have reflashed once on account of this...this is in spite of the fact that i have lan as a static- sometimes it just doesnt show up for me. anyways I do have a large collection of riles in etc/init.d/firewall i am considering flushing everything and just starting a custom ruleset. i also saw this...

Note: In current versions of Kamikaze, traffic forwarding is disallowed by default. this means that in

order to route between multiple networks on your local network, you will need to allow this.

from telnet or ssh, enter this if your router can ping these networks, but hosts return "destination port unreachable"

uci set firewall.@zone[0].forward=ACCEPT; uci commit firewall; /etc/init.d/firewall restart

[firestarter ICS bridge routing]

well i got windows going in ics now just because i am curious...I am getting exact same behavior- i establish my route and hit google fine...just no rest of the internet. I may look at walkthroughs one more time and i may well hook the other drive up and do iptables hacking. that last link looked to be interesting, the repaeter aspect could be valuable for wisp. i am going to have to check out some wikis and how tos. the wireless field looks to be growing fast especially with white space spectrum becoming available. i am sort of suprized there are not more ad hoc metro wisps popping up. i guess backhaul bandwidth can get pricey.

[firestarter ICS bridge routing]

I found something that looks to be very helpful

http://fonblog.wordpress.com/2007/02/19/fo...eless-repeater/

looks good, lots of background.

[firestarter ICS bridge routing]

sudo iptables -L -v shows extensive fw setup...

disabling fw (thus fwding) stops all rules and cuts off client

restarted fw and am going to go through rules.

stay tuned.

[firestarter ICS bridge routing]

You are going to need a rule on your default gateway, and any other routing devices that says to route to the subnet the Fon is on you need to go through Jasager.

I'd drop all the firewall stuff and just try to get a connection without it first.

Going with static IPs to start with is also a good idea. Make everything as basic and fixed as possible, get it working and then move up from there one step at a time.

Make sure you have /proc/sys/net/ipv4/ip_forward set to 1 on the machine doing the forwarding.

1.ok all fw stuff is dropped check...my ssh session died...i rebooted fonera went to 1471 and interface is up with karma off. i connected wirelessly ...added my route as 192.168.1.1 and i can ping and resolve google. i open a browser and get a fast connection to google.

2.checking the laptops etc/resolve shows nameserver 4.2.2.2 which works...

3.cat /proc/sys/net/ipv4/ip_forward shows as 1 check

so traffic will be coming back on my internal ics ethernet which is 192.168.1.1 and then needs to get routed to 192.168.1.129 (fon ethernet which is bridged to fon this shows up as br-lan)

arp shows 192.168.1.1 as br-lan

brctl show yields br-lan comprised of eth0.0 and ath0

do I need to log into a shell and enable forwarding on openwrt which is acting as gateway?

sorry i am a bit lost here but i am willing to stick to it til i get it. i am looking at running some enumeration programs or some cimple command line investigation to wee more fully what is happening. i have ntop, etherape running and wireshark running on machines...maybe i need to start applying some filters and drilling down to isolate and make sense of it all. like you said one step at a time...since i have it running and even just surfing google at least gives me some faith that i am close to solving the puzzle...the routing must be close or i would not be getting the type of connectivity...once i get it going i am going to start up some torrents just to torture test it for a while. i was impressed that tor seemd to have no problems with it either! ok thatnks for all the help and patience i really do appreciate it.

[firestarter ICS bridge routing]

here is set up

cable modem >>>

router di-604 running dhcp 192.168.10.2 gw >>>

wrt54g running openwrt 192.168.20.1 >>>> (wifi disable just running as router)

I then have ubuntu box with 2 nics 192.168.20.136 (facing internet) and 192.168.1.1 (connected to fon+)

my fonera+ has 192.168.1.129

i goto :1471 and make sure it is down and then run top and kill dnsmasq and then stat it up with a 192.168.1.120,192.168.1.140

this works fine...I start up jasager and make sure i am in whitelist mode and add linksys...

I start up laptop and surf to linksys and may fail once but then i attach and get an ip...I have to add route as 192.168.1.1 and i can ping out and also resolve. I can surf to google and have fast google news etc and a few other sites but regular surfing does not work.

I am looking into making sure i have an unobstructed view to internet....I can get on server machine and surf fine to sites- the prob is isolated to the wireless client. I have firestarter facilitating ics and ipv4 forwarding is on. I have tried a couple of firewall rules but they have not seemed to have an affect (br-lan fwd/accept) maybe i will have another look at these and look at wireshark and see what is happening. any suggestions/advice appreciated.

++++++++

I need to have dhcp hand out correct gateway as well as assign ip (it assigns isp fine, just have to check what it is putting in resolv...)

I need to add rule to iptables so that packets coming in on one network know how to be routed to 10.1.1.0?

lastly here is ifconfig from ssh on fon and some other configs

login as: root

root@192.168.1.129's password:

BusyBox v1.4.2 (2008-12-01 23:41:48 EST) Built-in shell (ash)

Enter 'help' for a list of built-in commands.

_______ ________ __

| |.-----.-----.-----.| | | |.----.| |_

| - || _ | -__| || | | || _|| _|

|_______|| __|_____|__|__||________||__| |____|

|__| W I R E L E S S F R E E D O M

KAMIKAZE (7.09) -----------------------------------

* 10 oz Vodka Shake well with ice and strain

* 10 oz Triple sec mixture into 10 shot glasses.

* 10 oz lime juice Salute!

---------------------------------------------------

root@OpenWrt:~# ifconfig

ath0 Link encap:Ethernet HWaddr 00:18:84:A3:14:A9

inet addr:10.1.1.1 Bcast:10.255.255.255 Mask:255.0.0.0

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:25976 errors:0 dropped:0 overruns:0 frame:0

TX packets:26518 errors:0 dropped:61 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:2188422 (2.0 MiB) TX bytes:11808015 (11.2 MiB)

br-lan Link encap:Ethernet HWaddr 00:18:84:A3:14:A8

inet addr:192.168.1.129 Bcast:192.168.1.255 Mask:255.255.255.0

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:43441 errors:0 dropped:0 overruns:0 frame:0

TX packets:47184 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:2683232 (2.5 MiB) TX bytes:34672962 (33.0 MiB)

eth0 Link encap:Ethernet HWaddr 00:18:84:A3:14:A8

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:30395 errors:0 dropped:0 overruns:0 frame:0

TX packets:40862 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:6552701 (6.2 MiB) TX bytes:28337996 (27.0 MiB)

Interrupt:4 Base address:0x1000

eth0.0 Link encap:Ethernet HWaddr 00:18:84:A3:14:A8

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:30391 errors:0 dropped:0 overruns:0 frame:0

TX packets:34585 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:6126971 (5.8 MiB) TX bytes:26281382 (25.0 MiB)

eth0.1 Link encap:Ethernet HWaddr 00:18:84:A3:14:A8

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:6276 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 B) TX bytes:2027148 (1.9 MiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:313 errors:0 dropped:0 overruns:0 frame:0

TX packets:313 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:34161 (33.3 KiB) TX bytes:34161 (33.3 KiB)

wifi0 Link encap:Ethernet HWaddr 00:18:84:A3:14:A9

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:93401 errors:0 dropped:0 overruns:0 frame:499696

TX packets:27990 errors:1000 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:199

RX bytes:10937247 (10.4 MiB) TX bytes:12557876 (11.9 MiB)

Interrupt:3 Memory:b0000000-b00ffffc

root@OpenWrt:~#

chad@lappie:~$ ifconfig

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:41688 errors:0 dropped:0 overruns:0 frame:0

TX packets:41688 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:6916172 (6.5 MB) TX bytes:6916172 (6.5 MB)

wlan0 Link encap:Ethernet HWaddr xx:r0:0c:i0:37:xx

inet addr:192.168.1.105 Bcast:192.168.1.255 Mask:255.255.255.0

inet6 addr: fe80::240:cff:fe00:37ec/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:19653 errors:48 dropped:5592 overruns:0 frame:0

TX packets:18246 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:10598420 (10.1 MB) TX bytes:1928088 (1.8 MB)

chad@lappie:~$ traceroute 4.2.2.2

traceroute to 4.2.2.2 (4.2.2.2), 30 hops max, 40 byte packets

1 * * *

2 * * 192.168.20.1 (192.168.20.1) 152.462 ms

3 192.168.10.2 (192.168.10.2) 152.667 ms 152.628 ms *

4 * * *

5 * * *

here is a copy of firewall user entry

#!/bin/sh

# Copyright © 2006 OpenWrt.org

iptables -F input_rule

iptables -F output_rule

iptables -F forwarding_rule

iptables -t nat -F prerouting_rule

iptables -t nat -F postrouting_rule

# The following chains are for traffic directed at the IP of the

# WAN interface

iptables -F input_wan

iptables -F forwarding_wan

iptables -t nat -F prerouting_wan

### Open port to WAN

## -- This allows port 22 to be answered by (dropbear on) the router

# iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT

# iptables -A input_wan -p tcp --dport 22 -j ACCEPT

### Port forwarding

## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2

# iptables -t nat -A prerouting_wan -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80

# iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT

### DMZ

## -- Connections to ports not handled above will be forwarded to 192.168.1.2

# iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2

# iptables -A forwarding_wan -d 192.168.1.2 -j ACCEPT

File: /etc/config/firewall

the main

firewall script is blank

here is route from jasager client

chad@lappie:~$ route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

192.168.1.0 * 255.255.255.0 U 0 0 0 wlan0

default 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0

here is etc/config/network from openwrt

config 'switch' 'eth0'

option 'vlan0' '1 2 3 4 5*'

option 'vlan1' '0 5'

config 'interface' 'loopback'

option 'ifname' 'lo'

option 'proto' 'static'

option 'ipaddr' '127.0.0.1'

option 'netmask' '255.0.0.0'

config 'interface' 'lan'

option 'type' 'bridge'

option 'ifname' 'eth0.0 ath0'

option 'netmask' '255.255.255.0'

option 'proto' 'dhcp'

option 'gateway' ''

option 'ipaddr' '192.168.1.129'

config 'interface' 'wan'

option 'ifname' 'eth0.1'

option 'proto' 'dhcp'

option 'type' ''

option 'ipaddr' ''

option 'netmask' ''

option 'gateway' ''

i am considering changing most of the ips to static or static dhcp, i have yet to add to hosts files on routers or main machine.

I can follow up on this thread and sorry for being somewhat disorganized. i would like to see this work to its potential. almost there. feel free to add suggestion. i did have tor going and thought- o that is why i am able to surf some but i turned tor and privoxy off and still same behavior- really decent connectivity to google but nothing to rest of intarweb.

[ICS and DNSMASQ]

So I had a hard time finding that Wiki for ICS and battled through it myself. I saw a bunch of posts that people were having problems with ICS and windows handing out IPs along with DNS problems on the clients/marks. The way I ended up implementing is configuring dnsmasq for opendns, the Fon was still handling the DHCP for the clients, and my laptop was just providing the door to the net. I am usually a troll and just read over forums but was curious if anyone really wanted a configuration that works this way? If anyone is interested let me know and I will document what I did.

hey i am in need of some thorough advice on this topic. I was trying gadmin/dhcp3 with firestarter and public nameservers. when i went via wired connection I was getting ips no prob- I learned later that using dnsmasq is the way to go. it is probably already running. usr/sbin/dnsmasq -K -F 10.1.1.100,10.1.1.200

[How many got it working?]

I got it working first time out but i was reluctant to take it on...I promptly bricked out my first attempt and the second build was a pita too but i got it all set save final dnsmasq. I am interested in more wireless architecture. the bullets from ubiquiti look hot. lots happening.