[Freedombox-discuss] Please help: Freedombox as a router, "not working" anymore (details inside)
Daddy
daddy at autistici.org
Mon Oct 8 20:22:49 BST 2018
Sunil,
thank you for your answer and your time.
I'll study the links you provided and investigate the influence of the
docker further.
This may take me another two weeks :)
D.
PS: Sorry for bringing up something which now looks like unrelated to
the actual Freedombox part of my system.
On 08.10.2018 20:59, Sunil Mohan Adapa wrote:
> On Monday 08 October 2018 02:32 AM, Daddy wrote:
> [...]
>> I was eventually able to get the DHCP working (by manually allowing the
>> service in firewalld), but not the connection to the internet.
>>
>> *My network setup:*
>> <WAN> -- <Modem> -- <Freedombox> -- <LAN>
>>
>> <LAN> is connected to Fbx through two separate interfaces - wired and
>> wireless, both set as internal zone in firewall.
>> LAN connections are both using "Shared" ipv4 setting; no settings were
>> adjusted.
>>
>> *Freedombox System:*
>> Debian GNU/Linux buster/sid and FreedomBox version 0.39.0.
>>
>> I'm not filling bug report, as this may have been caused by something
>> I've chosen during the manual system upgrade - I'm just not able to
>> pinpoint it yet.
>>
> Hello,
>
> Your iptables-save output shows that you are not using firewalld.
> However, for the commands you have executed you indeed have firewalld
> running.
>
> A possible explanation is that you have setup separate iptable scripts
> other than firewalld. First firewalld starts then the offending script
> starts wiping out the firewalld chains. See below for a sample of how
> the nat table should look like with firewalld. To test this theory,
> restart firewalld, (observe different output for iptables-save),
> disconnect/connect shared network connections, check if the problem is
> resolved. To fix, remove the offending script.
>
> Also, you seem to have docker containers running. Docker seems to insert
> its own chains (but not sure if it wipes iptables). Docker is usually
> started after firewalld when running under systemd[1]. So, things should
> be okay unless you restart firewalld. To properly fix this you may want
> to explore and setup firewalld rich rules[2] and ask docker to not touch
> iptables.
>
> Links:
>
> 1)
> https://success.docker.com/article/why-am-i-having-network-problems-after-firewalld-is-restarted
> 2) https://fedoraproject.org/wiki/Features/FirewalldRichLanguage
>
More information about the Freedombox-discuss
mailing list