OpenWrt/LEDE Project

  • Status Unconfirmed
  • Percent Complete
  • Task Type Bug Report
  • Category Base system
  • Assigned To No-one
  • Operating System All
  • Severity Medium
  • Priority Very Low
  • Reported Version openwrt-18.06
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by suedwestlicht - 01.08.2019
Last edited by Yousong Zhou - 06.11.2019

FS#2420 - No more masquerading after "ifdown wan; ifup wan"

hw: TP-Link TL-WDR3600 v1
arch: Atheros AR9344 rev 2
sw: OpenWrt 18.06.4 r7808-ef686b7292 / LuCI openwrt-18.06 branch (git-19.170.32094-4d6d8bc)

pppoe-wan ipv4 plus dhcpv6 client

After “ifdown wan; ifup wan” there is no more masquerading done to outgoing packets. Source address of those packets from lan to pppoe-wan are unchanged.

Solution (works for me):
In /etc/hotplug.d/iface/20-firewall change the last line
fw3 -q reload
fw3 -q restart

suedwestlicht commented on 01.08.2019 07:56

Sorry, "fw3 -q restart" fixes it for a few minutes only.

It seems to affect only UDP packets. As if the kernel would forget to masquerade them.

I had the same problem a few weeks ago when tcp was still masqueraded but my OpenVPN tunnel using UDP stopped working due to not rewriting the source address.

suedwestlicht commented on 03.08.2019 09:52

I went back to Chaos Calmer and see if it might be a kernel issue.


Available keyboard shortcuts


Task Details

Task Editing