RT-N16 iptables question

[shadowbozo]

Newbie running Merlin-wrt. I have an unstable DD-WRT router behind my Uverse modem. I'm looking to purchase a RT-N16 and run the Merlin build. Due to AT&T's 5 minute DHCP renewal, I have to add the following iptables command to my firewall:

iptables -I INPUT 2 -p udp --sport 67 --dport 68 -j ACCEPT

Is there a corresponding command I would use running the Merlin builds?

Thank you.

 

[octopus]

Newbie running Merlin-wrt. I have an unstable DD-WRT router behind my Uverse modem. I'm looking to purchase a RT-N16 and run the Merlin build. Due to AT&T's 5 minute DHCP renewal, I have to add the following iptables command to my firewall:

iptables -I INPUT 2 -p udp --sport 67 --dport 68 -j ACCEPT

Is there a corresponding command I would use running the Merlin builds?

Thank you.

That iptables is already there and usually not needed. Only affect dhcp from isp.

 

[shadowbozo]

You are correct that this is coming from the ISP. This is a known issue running wireless routers behind the 2wire Uverse gateway.

The command: iptables -I INPUT 2 -p udp --sport 67 --dport 68 -j ACCEPT, allows the firewall in the wireless router from the ISP to allow the DHCP updates. Without this, the WAN connection dies every 5 minutes.

Is this required in the merlin builds? If the firewall is turned off, will it allow the DHCP commands from the ISP to pass correctly?

Thanks

I could just be crazy and that the Merlin build doesn't need anything additional like DD-WRT requires. If that is the case, could someone just confirm this?

 

[octopus]

You are correct that this is coming from the ISP. This is a known issue running wireless routers behind the 2wire Uverse gateway.

The command: iptables -I INPUT 2 -p udp --sport 67 --dport 68 -j ACCEPT, allows the firewall in the wireless router from the ISP to allow the DHCP updates. Without this, the WAN connection dies every 5 minutes.

Is this required in the merlin builds? If the firewall is turned off, will it allow the DHCP commands from the ISP to pass correctly?

Thanks

I could just be crazy and that the Merlin build doesn't need anything additional like DD-WRT requires. If that is the case, could someone just confirm this?

If firewall is turned OFF that rule and all other rules is NOT working.
But that is NOT recomended everything depends of functioning firewall.

btw: dd-wrt have that rule "built in" by default.

 

[shadowbozo]

btw: dd-wrt have that rule "built in" by default.[/QUOTE]

So what you are saying is with the Firewall turned off, it won't block the DHCP from AT&T. I'll have to try this.

The rule I mention is not "built in " by default on DD-WRT. Only specific deployments require using it. This is as of the current Brainslayer builds. I'm moving away from using DD-WRT due to reliability issues with the implementation of Openvpn in the current Brainslayer DD-WRT builds.

 

[bill1228]

Newbie running Merlin-wrt. I have an unstable DD-WRT router behind my Uverse modem. I'm looking to purchase a RT-N16 and run the Merlin build. Due to AT&T's 5 minute DHCP renewal, I have to add the following iptables command to my firewall:

iptables -I INPUT 2 -p udp --sport 67 --dport 68 -j ACCEPT

Is there a corresponding command I would use running the Merlin builds?

Thank you.

I am using a N66U with Merlin's build, current 374.41 and use AT&T Uverse. I have not had any issues with their short dhcp lease time. 10 minutes which means renew every 5 minutes. I have my router in the modem's DMZ so that I receive the same IP address for the router that the modem has.
--bill

 

[shadowbozo]

Bill,

Thanks for the reply. I appreciate the answer. I'll have the 2Wire in dmzplus mode. This will work.