How do I setup port mirroring on Tomato firmware?

General discussion about WFilter ICF features, problems, configuration issues etc.

Moderators: imfirewall, gengw2000


bob
Posts: 14
Joined: Wed May 01, 2013 2:18 am

How do I setup port mirroring on Tomato firmware?

Postby bob » Mon May 06, 2013 8:07 am

imfirewall wrote: We will set it up to make a try.



Awesome! Thanks again!

imfirewall
Posts: 153
Joined: Fri Nov 26, 2010 7:41 am

How do I setup port mirroring on Tomato firmware?

Postby imfirewall » Tue May 07, 2013 7:50 am



Here is a guide for you:



http://blog.imfirewall.us/How+To+Deploy+WFilter+With+Tomato+Router.aspx

bob
Posts: 14
Joined: Wed May 01, 2013 2:18 am

How do I setup port mirroring on Tomato firmware?

Postby bob » Wed May 08, 2013 10:50 pm

imfirewall wrote:

Here is a guide for you:



http://blog.imfirewall.us/How+To+Deploy+WFilter+With+Tomato+Router.aspx



Thank you so much! Great guide and thank you for helping out so quickly.



It seems to be working, but when I do "check settings" I get still this "Can not monitor other computers." Also, I'm only able to monitor FILES on my local machine, not other PC on the network?



gengw2000
Posts: 281
Joined: Mon Sep 07, 2009 11:11 pm

How do I setup port mirroring on Tomato firmware?

Postby gengw2000 » Thu May 09, 2013 2:41 am

Can you post me a screenshot of the result of "iptables -t mangle -L"?



Or can we teamviewer to your computer to check this issue? You can send teamviewer id/pass to "support@imfirewall.us".

bob
Posts: 14
Joined: Wed May 01, 2013 2:18 am

How do I setup port mirroring on Tomato firmware?

Postby bob » Fri May 10, 2013 11:07 pm

gengw2000 wrote: Can you post me a screenshot of the result of "iptables -t mangle -L"?



Or can we teamviewer to your computer to check this issue? You can send teamviewer id/pass to "support@imfirewall.us".






Chain INPUT (policy DROP)

target prot opt source destination

DROP 0 -- 239.255.255.250 anywhere

DROP 0 -- 239.255.67.0/24 anywhere

DROP 0 -- 239.255.255.0/24 anywhere

DROP 0 -- 239.192.152.0/24 anywhere

DROP 0 -- anywhere XX:XX:XX:XX:XX:XXcomcast.net

DROP 0 -- anywhere anywhere state INVALID

ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED

ACCEPT 0 -- anywhere anywhere

ACCEPT 0 -- anywhere anywhere

ACCEPT tcp -- anywhere unknown tcp dpt:ssh

DROP 0 -- 239.255.255.250 anywhere

DROP 0 -- 239.192.152.143 anywhere

DROP 0 -- XX:XX:XX:XX:XX:XX.comcast.net anywhere



Chain FORWARD (policy DROP)

target prot opt source destination

ACCEPT 0 -- anywhere anywhere

DROP 0 -- anywhere anywhere state INVALID

TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN tcpmss match 1461:65535 TCPMSS set 1460

restrict 0 -- anywhere anywhere

ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED

wanin 0 -- anywhere anywhere

wanout 0 -- anywhere anywhere

ACCEPT 0 -- anywhere anywhere

ACCEPT 0 -- anywhere Main_Intel



Chain OUTPUT (policy ACCEPT)

target prot opt source destination



Chain rdev03 (1 references)

target prot opt source destination

rres03 0 -- anywhere anywhere [goto] MAC XX:XX:XX:XX:XX:XX

rres03 0 -- anywhere anywhere [goto] MAC XX:XX:XX:XX:XX:XX

rres03 0 -- anywhere anywhere [goto] MAC XX:XX:XX:XX:XX:XX

Chain restrict (1 references)

target prot opt source destination

rres01 0 -- anywhere anywhere

rdev03 0 -- anywhere anywhere



Chain rres01 (1 references)

target prot opt source destination

DROP tcp -- anywhere anywhere mport ports 1024:65534 ipp2p v0.8.1_rc1 --ipp2p

DROP udp -- anywhere anywhere mport ports 1024:65534 ipp2p v0.8.1_rc1 --ipp2p

DROP 0 -- anywhere anywhere ipp2p v0.8.1_rc1 --bit



Chain rres03 (3 references)

target prot opt source destination

DROP 0 -- anywhere anywhere ipp2p v0.8.1_rc1 --bit

DROP 0 -- anywhere anywhere ipp2p v0.8.1_rc1 --ipp2p

DROP tcp -- anywhere anywhere mport ports 65535

DROP udp -- anywhere anywhere mport ports 65535

DROP tcp -- anywhere anywhere mport ports 6771

DROP udp -- anywhere anywhere mport ports 6771

DROP tcp -- anywhere anywhere mport ports 1900

DROP udp -- anywhere anywhere mport ports upnp

DROP tcp -- anywhere anywhere mport ports 56467

DROP udp -- anywhere anywhere mport ports 56467

DROP tcp -- anywhere anywhere mport ports 58977

DROP udp -- anywhere anywhere mport ports 58977

DROP tcp -- anywhere anywhere mport ports 63182

DROP udp -- anywhere anywhere mport ports 63182

DROP tcp -- anywhere anywhere mport ports 49417

DROP udp -- anywhere anywhere mport ports 49417

DROP tcp -- anywhere anywhere mport ports 51672

DROP udp -- anywhere anywhere mport ports 51672

DROP tcp -- anywhere anywhere mport ports 16680

DROP udp -- anywhere anywhere mport ports 16680

DROP tcp -- anywhere anywhere mport ports 56169

DROP udp -- anywhere anywhere mport ports 56169

REJECT tcp -- anywhere anywhere web --hore "bittorrent utorrent.com$ vuze.com$ .torrent" reject-with tcp-reset



Chain wanin (1 references)

target prot opt source destination

DROP 0 -- 239.255.255.250 anywhere

DROP 0 -- 239.255.67.0/24 anywhere

DROP 0 -- 239.255.255.0/24 anywhere

DROP 0 -- 239.192.152.0/24 anywhere



Chain wanout (1 references)

target prot opt source destination

DROP 0 -- anywhere 239.255.255.250

admin
Site Admin
Posts: 137
Joined: Wed Nov 23, 2016 12:08 pm

How do I setup port mirroring on Tomato firmware?

Postby admin » Mon May 13, 2013 1:57 am

The ROUTE rule is not added. When successfully added, you will be able to see "ROUTE" rule in your iptables list. Check this screenshot:




bob
Posts: 14
Joined: Wed May 01, 2013 2:18 am

How do I setup port mirroring on Tomato firmware?

Postby bob » Mon May 13, 2013 5:52 pm

admin wrote: The ROUTE rule is not added. When successfully added, you will be able to see "ROUTE" rule in your iptables list. Check this screenshot:






Yeah hmmm. I don't see that on the table even after "modprobe ipt_ROUTE" is set via telnet, firewall/INT.



Strange. Looks like Tomato just isn't taking that command even though no error comes back via telnet.



Again I really appreciate the help, it says a lot about IMFirewall. Top notch customer service.


Return to “WFilter ICF”

Who is online

Users browsing this forum: No registered users and 5 guests