Yes openwrt has the netstat utility with the following usage: Usage: netstat [-ral] [-tuwx] [-enWp]
-- No my goal is to use only shorewall. Obviously /etc/init.d/firewall stop is not enough; disabling the firewall script from starting at boot followed by a reboot does it though! To keep it as simple as possible I will leave the dhcp question aside! I have a server that provides firewallling(mac filtration ...) using shorewall and other services like: dhcp, dns, ntp and so on. On that server which does not have any wireless interface I have two vlan interface with PVID of 200 and 300(vlan 200 is for private wireless devices and 300 is for dmz) That is where openwrt comes to play: Openwrt is installed on a wireless router and that wireless capability is being used for adding wireless support! So on the router I have created two vlan interfaces on eth0(eth0.200 eth0.300) and eatch interface is bridged with the wireless interface with a different SSID. Basically what I have is: server providing vlan 200 and 300 connected to router running openwrt and that router provides only wireless capability. Actually eth0.200 is bridge with the wireless interface on the same router: eth1.200 on the server is connected to eth0.200 on the router and eth0.200 is bridged with the wireless interface on that same router. Hopefully you will get a clearer pickture!!!:) Everything is working has it should; the only interrogation I have is how to configure shorewall for that set up! -Matt On 13 Nov 2015 at 14:08, Tom Eastep wrote: > On 11/13/2015 11:36 AM, matt darfeuille wrote: > > Hi Tom, > > > > While doing shorewall-lite dump I get the following: > > > > root@OpenWrt:~# shorewall-lite dump >dump.txt > > /sbin/shorewall-lite: line 1: ss: not found > > > > root@OpenWrt:~# > > > > Any idea why? > > Obviously, ss isn't installed. Does OpenWRT have 'netstat'? > > > > > Tom, while doing the dump the interface used was eth0.200 and the > > name is wifi and not dmz! > > > > Everything was already set up for wifi with the interface eth0.200. > > > > Dump privately send! > > > > You appear to have another firewall tool installed besides Shorewall -- > is that intentional? And if so, why? > > Beyond that, I'm still lost as to what you are trying to do. > > 1. Is the wireless access point a separate box accessed via eth0.200? > 2. Why are you concerned with DHCP? > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------------ > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
