Menu
What's new
By:
Filters Better Search

YazFi YazFi - enhanced AsusWRT-Merlin Guest WiFi inc. SSID <-> VPN Client

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Jack Yaz said:
I suspect this might be the nvram variables for isolation misbehaving. Can you reproduce with a reboot? V3.0.5 is going to do more than validation on the variables for isolation
Click to expand...
I was not able to reproduce any problem from a router reboot.
Before reboot:
Code: 
# nvram getall | grep isolat | sort
size: 65327 bytes (65745 left)
wl0.1_ap_isolate=1
wl0.2_ap_isolate=0
wl0.3_ap_isolate=0
wl0_ap_isolate=1
wl1.1_ap_isolate=0
wl1.2_ap_isolate=0
wl1.3_ap_isolate=0
wl1_ap_isolate=0
wl2.1_ap_isolate=0
wl2.2_ap_isolate=0
wl2.3_ap_isolate=0
wl_ap_isolate=1
After reboot:
Code: 
# nvram getall | grep isolat | sort
size: 65241 bytes (65831 left)
wl0.1_ap_isolate=1
wl0.2_ap_isolate=0
wl0.3_ap_isolate=0
wl0_ap_isolate=1
wl1.1_ap_isolate=0
wl1.2_ap_isolate=0
wl1.3_ap_isolate=0
wl1_ap_isolate=0
wl2.1_ap_isolate=0
wl2.2_ap_isolate=0
wl2.3_ap_isolate=0
wl_ap_isolate=1
Code: 
YazFi: YazFi v3.0.4 starting up

YazFi: wl0.1 passed validation

YazFi: wl0.1 (SSID: 223_110_IoT) - sending all interface internet traffic over WAN interface

YazFi: YazFi v3.0.4 completed successfully
Code: 
Feb 22 12:26:02 router YazFi: YazFi v3.0.4 starting up
Feb 22 12:26:03 router YazFi: wl0.1 (SSID: 223_110_IoT) - sending all interface internet traffic over WAN interface
Feb 22 12:26:06 router YazFi: YazFi v3.0.4 completed successfully
Feb 22 12:26:06 router YazFi: Forcing YazFi Guest WiFi clients to reauthenticate
Feb 22 15:44:14 router YazFi: YazFi v3.0.4 starting up
Feb 22 15:44:15 router YazFi: wl0.1 (SSID: 223_110_IoT) - sending all interface internet traffic over WAN interface
Feb 22 15:44:19 router YazFi: YazFi v3.0.4 completed successfully
Feb 22 15:44:46 router YazFi: YazFi v3.0.4 starting up
Feb 22 15:44:47 router YazFi: wl0.1 (SSID: 223_110_IoT) - sending all interface internet traffic over WAN interface
Feb 22 15:44:50 router YazFi: YazFi v3.0.4 completed successfully
 
EmeraldDeer said:
I was not able to reproduce any problem from a router reboot.
Before reboot:
Code: 
# nvram getall | grep isolat | sort
size: 65327 bytes (65745 left)
wl0.1_ap_isolate=1
wl0.2_ap_isolate=0
wl0.3_ap_isolate=0
wl0_ap_isolate=1
wl1.1_ap_isolate=0
wl1.2_ap_isolate=0
wl1.3_ap_isolate=0
wl1_ap_isolate=0
wl2.1_ap_isolate=0
wl2.2_ap_isolate=0
wl2.3_ap_isolate=0
wl_ap_isolate=1
After reboot:
Code: 
# nvram getall | grep isolat | sort
size: 65241 bytes (65831 left)
wl0.1_ap_isolate=1
wl0.2_ap_isolate=0
wl0.3_ap_isolate=0
wl0_ap_isolate=1
wl1.1_ap_isolate=0
wl1.2_ap_isolate=0
wl1.3_ap_isolate=0
wl1_ap_isolate=0
wl2.1_ap_isolate=0
wl2.2_ap_isolate=0
wl2.3_ap_isolate=0
wl_ap_isolate=1
Code: 
YazFi: YazFi v3.0.4 starting up

YazFi: wl0.1 passed validation

YazFi: wl0.1 (SSID: 223_110_IoT) - sending all interface internet traffic over WAN interface

YazFi: YazFi v3.0.4 completed successfully
Code: 
Feb 22 12:26:02 router YazFi: YazFi v3.0.4 starting up
Feb 22 12:26:03 router YazFi: wl0.1 (SSID: 223_110_IoT) - sending all interface internet traffic over WAN interface
Feb 22 12:26:06 router YazFi: YazFi v3.0.4 completed successfully
Feb 22 12:26:06 router YazFi: Forcing YazFi Guest WiFi clients to reauthenticate
Feb 22 15:44:14 router YazFi: YazFi v3.0.4 starting up
Feb 22 15:44:15 router YazFi: wl0.1 (SSID: 223_110_IoT) - sending all interface internet traffic over WAN interface
Feb 22 15:44:19 router YazFi: YazFi v3.0.4 completed successfully
Feb 22 15:44:46 router YazFi: YazFi v3.0.4 starting up
Feb 22 15:44:47 router YazFi: wl0.1 (SSID: 223_110_IoT) - sending all interface internet traffic over WAN interface
Feb 22 15:44:50 router YazFi: YazFi v3.0.4 completed successfully
Click to expand...
Personally I'm wondering if the nvrams are null/empty prior to YazFi
 
Jack Yaz said:
OK so it's good another device can connect (and presumably internet etc works fine). Which version of YazFi are you running?

What error does the TV display when trying to join?

Do you have DNSFilter set in the normal LAN? If not, I wonder if the Panasonic doesn't like its DNS being force re-routed. You could test by setting FORCEDNS to false.

Another thing to try would be "forgetting" the network on the TV and re-entering details.
Click to expand...


Hi Jack

The error while trying to connect is a never ending circle rather than a blue tick signifying a successful connection. "A home network is available but connection to the internet is not possible. The gateway dosent respond."No I have no DNS filter . Forcedns makes no difference. The panasonic TV provides you with all Network SSIDs when connecting - you choose the one to connect to - there is no option to forget it. I did re-enter parameters manually - no difference
 
Last edited:
joe scian said:
Hi Jack

The error while trying to connect is a never ending circle rather than a blue tick signifying a successful connection. "A home network is available but connection to the internet is not possible. The gateway dosent respond."No I have no DNS filter . Forcedns makes no difference. The panasonic TV provides you with all Network SSIDs when connecting - you choose the one to connect to - there is no option to forget it. I did re-enter parameters manually - no difference
Click to expand...

For the sake of testing, you can try to reset your TV back to factory defaults. :)

That will 'forget' the network properly.
 
Jack
I have narrowed it down by looking at connections. When I connect to my 5.1 network on 192.168.2.240 - I see port 53 ( DNS ESTABLISHED on address 192.168.2.240 - router) . Connectivity to network is fine. When I connect to 5.1 Guest and Gateway is 192.168.4.240 IP address- 192.168.4.75 in connections I see Port 53 - ASSURED address 192.168.2.240 ( router ) BUT NOT ESTABLISHED. So its a DNS issue as to why its not connecting to internet.
###################################################################
###### 5 GHz Networks ######
####################################################################
###### Guest Network 1 (wl1.1) #####
####################################################################
wl11_ENABLED=true
wl11_IPADDR=192.168.4.0
wl11_DHCPSTART=2
wl11_DHCPEND=254
wl11_DNS1=192.168.2.240
wl11_DNS2=192.168.2.240
wl11_FORCEDNS=true
wl11_REDIRECTALLTOVPN=false
wl11_VPNCLIENTNUMBER=1
wl11_LANACCESS=false
wl11_CLIENTISOLATION=false
 
Last edited:
joe scian said:
Jack
I have narrowed it down by looking at connections. When I connect to my 5.1 network on 192.168.2.240 - I see port 53 ( DNS ESTABLISHED on address 192.168.2.240 - router) . Connectivity to network is fine. When I connect to 5.1 Guest and Gateway is 192.168.4.240 IP address- 192.168.4.75 in connections I see Port 53 - ASSURED address 192.168.2.240 ( router ) BUT NOT ESTABLISHED. So its a DNS issue as to why its not connecting to internet.
###################################################################
###### 5 GHz Networks ######
####################################################################
###### Guest Network 1 (wl1.1) #####
####################################################################
wl11_ENABLED=true
wl11_IPADDR=192.168.4.0
wl11_DHCPSTART=2
wl11_DHCPEND=254
wl11_DNS1=192.168.2.240
wl11_DNS2=192.168.2.240
wl11_FORCEDNS=true
wl11_REDIRECTALLTOVPN=false
wl11_VPNCLIENTNUMBER=1
wl11_LANACCESS=false
wl11_CLIENTISOLATION=false
Click to expand...
Can you send me the diagnostics from YazFi please in a PM? Option d in the menu
 
Generating YazFi diagnostics...
YazFi: Diagnostics saved to /tmp/YazFi.tar.gz.enc with passphrase 7dcmgjtkyis5qgxmjy2n7wbs5ebzwaoq

just rename file back to original

BTW Sorry misled you- After refreshing connections I do indeed get Port 53 with ESTABLISHED status. So its not that at all,
 

Attachments

  • YazFi.pdf
    3.1 KB · Views: 347
joe scian said:
Generating YazFi diagnostics...
YazFi: Diagnostics saved to /tmp/YazFi.tar.gz.enc with passphrase 7dcmgjtkyis5qgxmjy2n7wbs5ebzwaoq

just rename file back to original

BTW Sorry misled you- After refreshing connections I do indeed get Port 53 with ESTABLISHED status. So its not that at all,
Click to expand...
I wonder if the TV is trying to access something else which is blocked by YazFi but not the normal network. Can you run the below 2 commands on the router and then monitor syslog while you attempt to connect the TV to the YazFi network please? These will log all traffic coming from the TV

Code: 
iptables -I FORWARD -s 192.168.4.75 -j LOG
iptables -I INPUT -s 192.168.4.75 -j LOG
 
Code:
23 20:03:27 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=31863 PROTO=UDP SPT=39223 DPT=53 LEN=48
Feb 23 20:03:27 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=31864 PROTO=UDP SPT=43604 DPT=53 LEN=48
Feb 23 20:03:27 kernel: IN=wl1.1 OUT=ppp0 SRC=192.168.4.75 DST=168.63.205.102 LEN=87 TOS=0x00 PREC=0x00 TTL=63 ID=31865 DF PROTO=TCP SPT=54670 DPT=8443 WINDOW=1026 RES=0x00 ACK PSH URGP=0
Feb 23 20:03:27 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=94 TOS=0x00 PREC=0x00 TTL=64 ID=31866 DF PROTO=TCP SPT=14097 DPT=53 WINDOW=1040 RES=0x00 ACK PSH URGP=0
Feb 23 20:03:27 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=94 TOS=0x00 PREC=0x00 TTL=64 ID=31867 DF PROTO=TCP SPT=15821 DPT=53 WINDOW=1040 RES=0x00 ACK PSH URGP=0
Feb 23 20:03:28 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=31868 DF PROTO=TCP SPT=14097 DPT=53 WINDOW=1040 RES=0x00 ACK URGP=0
Feb 23 20:03:28 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=31869 DF PROTO=TCP SPT=15821 DPT=53 WINDOW=1040 RES=0x00 ACK URGP=0
Feb 23 20:03:28 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=31870 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:03:28 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=31871 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:03:28 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=31872 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:03:28 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=31873 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:03:28 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=31874 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:03:29 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=64 TOS=0x00 PREC=0x00 TTL=64 ID=31875 PROTO=UDP SPT=39223 DPT=53 LEN=44
Feb 23 20:03:29 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=64 TOS=0x00 PREC=0x00 TTL=64 ID=31876 PROTO=UDP SPT=43604 DPT=53 LEN=44
Code:
 
OK so I see DNS traffic, and your diagnostics look good on that. I need to see what this is for though...

Code: 
PROTO=UDP SPT=137 DPT=137

EDIT: it's for netbios
 
This is with my standard 5.1 Ghz network connected- IP address of TV is 192.168.2.82 - and connection to Internet is OK


Feb 23 20:21:47 kernel: IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=36408 PROTO=UDP SPT=29110 DPT=137 LEN=58 MARK=0x8093005e
Feb 23 20:21:47 kernel: IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=36408 PROTO=UDP SPT=29110 DPT=137 LEN=58 MARK=0x8093005e
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36409 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=65535 RES=0x00 SYN URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36409 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=65535 RES=0x00 SYN URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36411 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1040 RES=0x00 ACK URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36411 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1040 RES=0x00 ACK URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=383 TOS=0x00 PREC=0x00 TTL=64 ID=36412 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1040 RES=0x00 ACK PSH URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=383 TOS=0x00 PREC=0x00 TTL=64 ID=36412 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1040 RES=0x00 ACK PSH URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36418 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1003 RES=0x00 ACK URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36418 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1003 RES=0x00 ACK URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36419 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1040 RES=0x00 ACK URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36419 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1040 RES=0x00 ACK URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36420 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1040 RES=0x00 ACK FIN URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=d0:17:c2:ec:06:80:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.240 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=36420 DF PROTO=TCP SPT=21247 DPT=8200 WINDOW=1040 RES=0x00 ACK FIN URGP=0
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=36421 PROTO=UDP SPT=29110 DPT=137 LEN=58 MARK=0x44180003
Feb 23 20:21:48 kernel: IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=192.168.2.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=36421 PROTO=UDP SPT=29110 DPT=137 LEN=58 MARK=0x44180003
 
no - the quick fix did not work
 
More of the log - when connected to 5.1Guest network - and connection to internet unsuccessful

Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38215 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38216 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38217 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38218 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38219 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=241 TOS=0x00 PREC=0x00 TTL=64 ID=38220 PROTO=UDP SPT=138 DPT=138 LEN=221
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=38221 PROTO=UDP SPT=23433 DPT=53 LEN=45
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=38222 PROTO=UDP SPT=60590 DPT=53 LEN=45
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38223 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38224 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38225 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38226 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38227 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38228 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38229 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38230 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38231 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38232 PROTO=UDP SPT=137 DPT=137 LEN=76
 
joe scian said:
no - the quick fix did not work
Click to expand...
OK, try just the INPUT rule:
Code: 
iptables -I INPUT -s 192.168.4.75 -j LOG
iptables -D FORWARD -s 192.168.4.75 -j LOG

We can ignore forwarding since YazFi doesn't restrict traffic out to the wider world, only to the router itself and your LAN.
joe scian said:
More of the log - when connected to 5.1Guest network - and connection to internet unsuccessful

Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38215 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38216 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38217 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38218 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38219 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=241 TOS=0x00 PREC=0x00 TTL=64 ID=38220 PROTO=UDP SPT=138 DPT=138 LEN=221
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=38221 PROTO=UDP SPT=23433 DPT=53 LEN=45
Feb 23 20:27:53 kernel: IN=wl1.1 OUT= MAC=d0:17:c2:ec:06:85:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.2.240 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=38222 PROTO=UDP SPT=60590 DPT=53 LEN=45
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38223 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38224 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38225 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38226 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38227 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38228 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38229 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38230 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38231 PROTO=UDP SPT=137 DPT=137 LEN=76
Feb 23 20:27:55 kernel: IN=wl1.1 OUT= MAC=ff:ff:ff:ff:ff:ff:bc:30:7e:04:00:bb:08:00 SRC=192.168.4.75 DST=192.168.4.255 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=38232 PROTO=UDP SPT=137 DPT=137 LEN=76
Click to expand...
It looks like it's still struggling to talk with NetBIOS - note don't re-apply YazFi settings after running the quick fix. New quick fix:

Code: 
iptables -D YazFiINPUT -i wl1.1 -p udp --dport 137 -j ACCEPT
iptables -I YazFiINPUT -i wl1.1 -m multiport -p udp --dports 137,138 -j ACCEPT

After you run the quick fix, can you send the output of

Code: 
iptables -S YazFiINPUT
 
These entries below ( when connected to standard 5.1 Ghz Network ) and successfully connected to neywork - NEVER APPEAR when connected to 5.1Guest Network for address 192.168.4.75 . Notice the MAC= 01:00:5e:7f:ff:fa The Mac address of the TV is bc:30:7e:04:00:bb

Feb 23 20:40:54 kernel: IN=br0 OUT= MAC=01:00:5e:7f:ff:fa:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=239.255.255.250 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=40227 PROTO=2
Feb 23 20:40:54 kernel: IN=br0 OUT= MAC=01:00:5e:7f:ff:fa:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=239.255.255.250 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=40227 PROTO=2
 
joe scian said:
These entries below ( when connected to standard 5.1 Ghz Network ) and successfully connected to neywork - NEVER APPEAR when connected to 5.1Guest Network for address 192.168.4.75 . Notice the MAC= 01:00:5e:7f:ff:fa The Mac address of the TV is bc:30:7e:04:00:bb

Feb 23 20:40:54 kernel: IN=br0 OUT= MAC=01:00:5e:7f:ff:fa:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=239.255.255.250 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=40227 PROTO=2
Feb 23 20:40:54 kernel: IN=br0 OUT= MAC=01:00:5e:7f:ff:fa:bc:30:7e:04:00:bb:08:00 SRC=192.168.2.82 DST=239.255.255.250 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=40227 PROTO=2
Click to expand...
A quick search reveals this may also related to multicast traffic and/or NetBIOS. Allowing the ports 137 and 138 are the first steps (covered by the last quick fix)
I'll research what can be done for multicast
 
Code: 
joescian@RT-AC5300:/tmp/home/root# iptables -S YazFiINPUT
-N YazFiINPUT
-A YazFiINPUT -i wl1.1 -p udp -m multiport --dports 137,138 -j ACCEPT
-A YazFiINPUT -i wl1.1 -p udp -m multiport --dports 137,138 -j ACCEPT
-A YazFiINPUT -i wl1.1 -p udp -m multiport --dports 137,138 -j ACCEPT
-A YazFiINPUT -i wl1.1 -p udp -m udp --dport 53 -j ACCEPT
-A YazFiINPUT -i wl1.1 -p tcp -m tcp --dport 53 -j ACCEPT
-A YazFiINPUT -d 192.168.2.3/32 -i wl1.1 -p tcp -m multiport --dports 80,443 -j ACCEPT
-A YazFiINPUT -i wl1.1 -p udp -m multiport --dports 67,123 -j ACCEPT
-A YazFiINPUT -i wl1.1 -j YazFiREJECT
-A YazFiINPUT -i wl0.1 -p udp -m udp --dport 53 -j ACCEPT
-A YazFiINPUT -i wl0.1 -p tcp -m tcp --dport 53 -j ACCEPT
-A YazFiINPUT -d 192.168.2.3/32 -i wl0.1 -p tcp -m multiport --dports 80,443 -j ACCEPT
-A YazFiINPUT -i wl0.1 -p udp -m multiport --dports 67,123 -j ACCEPT
-A YazFiINPUT -i wl0.1 -j YazFiREJECT
 
still not connecting to the network jack

Jack- when I run 1st rule I get

joescian@RT-AC5300:/tmp/home/root# iptables -D YazFiINPUT -i wl1.1 -p udp --dpor
t 137 -j ACCEPT
iptables: Bad rule (does a matching rule exist in that chain?).
 
joe scian said:
still not connecting to the network jack

Jack- when I run 1st rule I get

joescian@RT-AC5300:/tmp/home/root# iptables -D YazFiINPUT -i wl1.1 -p udp --dpor
t 137 -j ACCEPT
iptables: Bad rule (does a matching rule exist in that chain?).
Click to expand...
Looks like a line break has crept in. Anyway, your YazFiINPUT looks OK for now. I can't test this since I don't have a device affected, but can you try
Code: 
iptables -I YazFiINPUT -i wl1.1 -d 239.255.255.250 -j ACCEPT

I might need to add a config option to allow multicast if this turns out to be the problem
 
Last edited:
You must log in or register to reply here.

Similar threads

Astronautspiff
YazFi GUI Tab not showing up under Guest Networks Page
Replies
3
Views
218
Tech9
Tech9
M
YazFi Problem with YazFi
Replies
19
Views
773
bennor
B
Jack Yaz
YazFi YazFi v4.x - continued
6 7 8
Replies
147
Views
22K
fotingo
F
B
Yazfi: VPN Server for guest network access only
Replies
10
Views
1K
jrmathis
jrmathis
T
Make IoT devices on one-way-to-guest YazFi VLANs discoverable on main LAN
Replies
8
Views
2K
fotingo
F
Similar threads
Thread starter Title Forum Replies Date
S Solved YazFi Offline Install Asuswrt-Merlin AddOns 3
Astronautspiff YazFi GUI Tab not showing up under Guest Networks Page Asuswrt-Merlin AddOns 3
M YazFi Problem with YazFi Asuswrt-Merlin AddOns 19
macster2075 YazFi YazFi on AC86U Asuswrt-Merlin AddOns 3
SevenFactors YazFi YazFi 4.4.4 GUI Page Becomes Unscrollable on Merlin 386.14 Asuswrt-Merlin AddOns 3
novusB YazFi Issues with YazFi - Gnuton - RT-AX58U_V2 3004.388.7_1-gnuton1 Asuswrt-Merlin AddOns 1
P YazFi YazFi on GT-BE98 Pro Asuswrt-Merlin AddOns 15
R YazFi YazFi and Port forwarding to get to server? Asuswrt-Merlin AddOns 2
B YazFi YazFi Guest Network unable to access Pi-Hole DNS server Asuswrt-Merlin AddOns 22
P YazFi Support AiMesh Yet? Asuswrt-Merlin AddOns 11

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,249 (members: 26, guests: 1,223)
Top