changing firewall rules - vera1 with UI2

michaelk · March 6, 2010, 2:48am

I use vera1 as my router.

I have a windows home server (WHS) also on my network that runs a little website, allows RDP, and handles my DDNS.

I HAD the vera all setup to forward the 4 ports that the WHS needs and then to drop all other ports. It was working fine.

well today I went to remote in from my office and I couldn’t connect. (ironically i was going to try and open port 22 so i could use ssh to set up a tunnel to my vera for my Droid phone) Figured just maybe there was some lag in the DDNS updating so didn’t think much of it.

But when I got home I see the ports just aren’t open. I hardly remote in or use the website- so who knows how long it’s been off. (I think i originally set it ip in .979 but now I’m .994- so might have got fubared when i changed. I know i had problems with it forgeting static dhcp settings at the time- so maybe i just never noticed it.

Anyway- originally i set all the firewall rules in the “advanced configuration” item that opens a new window to fiddle with the open wrt settings. So I looked in there and all my firewall rules went bye bye. So I set them all back up and i still can’t get the ports to open. I tried opening port 22 in there to no avail either (using the shields up port scanner at grc.com shows them as ‘closed’)

So then I noticed that in the vera ui itself I can pick a firewall setting- and on of the options from the dropdown is ‘firewall custom”- honestly I don’t think I touched that originally I thought I just fiddled in the open wrt page. But now I guess I need to set that. Trouble is- no matter what I do I can’t get the setting to change to custom. It’s stuck on firewall active. I tried “save and apply from the scrolling part of the window with the network settings. I tried the save button up top on the left as it goes red when I make changes. I tried both of them in different orders. I tried putting rules in the open wrt page, I tried deleting them. I rebooted umpteen times. Still no matter what I’m beat.

Anyone have any idesas? I’ll wait for the next version to drop and try again and if it doesn’t work I’ll open a ticket. But maybe I’m just doing something wrong that I’m not seeing?

-mike

PS- once I get that setting to stick- will something pop up in vera’s ui to set the rules- or do I still go to the openwrt page?

michaelk · March 6, 2010, 2:55am

fiddling some more and i can disable the firewall from that dropdown and turn it back to active. But still can’t go to custom from either disabled or active.

tfitzemeyer · March 8, 2010, 2:02am

michaelk,
I think I have the same issue. I want to have custom firewall for port forwarding of my camera. I can only get the firewall modes of enabled or disabled. Whenever I select custom it doesn’t stay selected when I save.

michaelk · March 8, 2010, 3:33am

thanks for confirming.

I beleive the next release is imminent- so I’ll see if it’s fix and if not put in a bug report.

cj1 · March 10, 2010, 6:25pm

firewall = “custom” means that you’ve added manually some rules to the firewall file,
either from Advanced Settings->OpenWrt->Firewall or by manually editing /etc/firewall.conf file.
It is automatically detected, you can’t set it to “custom”. You can only activate or deactivate the firewall from Vera UI.

Unfortunately Port Forward from External Port X to Internal Port Y in OpenWrt is broken.
At some point it will forward packets arrived at external port X to internal port Y +/- 1 or 2, but
port forwarding external port X to internal port X and DMZ it’s working fine all the time.
We’re waiting a permanent fix to be added in OpenWrt, that will solve this issue.

michaelk · March 10, 2010, 8:46pm

thanks for the heads up.

2 issues then-

I had rules and they worked fine but then they just POOF disappeared one day. Any idea why that it? First my hosts (static DNS list) just up and disappeared but i replace it and that’s fine. Now my firewall rules just disappeared but the hosts is fine.
when I add the rules back in by Advanced Settings->OpenWrt->Firewall they don’t seem to take (they get saved in that area and i can reboot the router and they are still there but they dont work and vera doesn’t updated the firewall custom drop down). Can you give a quickie- what steps in what order we should be doing? In general vera doesn’t always seem to accept router changes for me - is there something I should be doing to make sure they take and are working each time (wait x minutes then reboot or something like that?)

cj1 · March 11, 2010, 8:07am

When you do changes in OpenWRT you have to first press the “SAVE” button and then
the right lower “APPLY CHANGES” button.
Also note: If you do any changes in OpenWRT Networking part and Vera’s auto configure network is enabled, you’ll loose those changes.
You’ll have to disable the auto configure function by:

doing a change in the Net&wi-fi page and pressing the Save&Apply button
or
removing by hand the /etc/cmh/fresh_install file

michaelk · March 11, 2010, 3:22pm

thanks!

I think i may have had my vera set for auto-configure- looks like i need to undo that.