ffdise 6 Posted ... Hi, I am a bit stumped at the sudden failure I'm seeing with port forwarding that I have had working for about 2 years on AirVPN. I have changed nothing I can think of. My system works with a Tomato router and a few extra iptable rules in the firewall script. The port is forwarded to a VMWare Windows XP-Pro system running Vuse 4.8.0.0. The Vuse network test fails as does the test from the AirVPN end. I'd be very grateful if anyone has any idea of what may have happened. Here is the firewall script: # VPN port forwarding/usr/sbin/iptables -I FORWARD -i tun11 -p udp -d 192.168.1.16 --dport 46222 -j ACCEPT/usr/sbin/iptables -I FORWARD -i tun11 -p tcp -d 192.168.1.16 --dport 46222 -j ACCEPT/usr/sbin/iptables -t nat -I PREROUTING -i tun11 -p tcp --dport 46222 -j DNAT --to-destination 192.168.1.16 /usr/sbin/iptables -t nat -I PREROUTING -i tun11 -p udp --dport 46222 -j DNAT --to-destination 192.168.1.16 Quote Share this post Link to post
njuskalonjusko 0 Posted ... Have you probably upgraded to v129 tomato ? I had to roll back to v128 to restore port forwarding. Quote Share this post Link to post
go558a83nk 364 Posted ... those are just basic iptables. if those don't work in the latest tomato then the whole router shouldn't work Quote Share this post Link to post
njuskalonjusko 0 Posted ... Might be related to routing policy integration introduced in v129, i have similar set of iptables for port forwarding and it ceased to work on upgrade (R7000). [RELEASE] 129All versions:– All images are now compressed to ZIP file.– OpenVPN: Routing policy integration and GUI– GUI: add Wireless Temperature on Status page – thx Hyzzom (BWQ)– GUI: OpenVPN – add „Ignore Redirect Gateway (route-nopull)”– GUI: Bittorrent – allow set download and upload speed to 0– GUI: Allow users to decide which NTFS driver they want to use: Tuxera (AC56, AC68) or Paragon (N18, Netgears) or NTFS-3G (all routers)– GUI: Fix OpenVPN TAP server – Server won`t start when TAP has been bridged with br1/2/3 and „Client address pool” has been set manually (not from DHCP)– Add /mmc directory to „root” tree – required by Tomatoware project– NTFS-3G driver update to 2015.3.14– OpenVPN: remove „enable-small” parameter. This is required by some VPN providers. K26ARM– GUI: fix Backip and Restore Comfiguration from file– IPset* update to 6.24 – attention! This version has different kernel modules and different syntax of command. If you are using IPSet, you have to fix your scripts.* backport ipset kernel modules from Kernel 3.0* add library libmnl – required by newer ipset* fixed support IPSet with Dnsmasq– add Entware install script for ARM – just run command entware-install.sh– compile fat/vfat as module– add Tuxera NTFS driver for AC56/68 routers– lot of fixed and improvements in compilation proces – thx @edrikk– fix TOR compilation* update to v0.2.5.12* enable threads support for openssl and tor* change gcc optimization level from Os to O2 – thx RMerlin* enable TOR feature in all AIO builds– Updated Blink Function – thx @chazikai24– add ASUS RT-AC68P support the same image as for AC68U/R – thx @tvlz– add Linksys EA6500v2 and EA6700 support – thx @Yongqiang Qin– fix WS880 leds – thx @xvortex source: http://tomato.groov.pl/?page_id=78 Quote Share this post Link to post