Profile Details

Toggle Sidebar
Recent updates
  • OK, I think I've not explained how it works. Anything in /etc/clearos/firewall.d/local will be executed each time the firewall reloads. Generally this is used to add iptables rules, but in reality it will execute any command. This makes it a good place to add ebtables rules as if you are adding them from the command line. Remember your first command may be to reset the ebtables rules as it may otherwise duplicate them. Also note there seems to be some sort of service watcher on this file so if it detects a change, the whole firewall will automatically reload.

  • I don't think I can really do much more. I don't have multiwan so do not have set up that I know.

  • What IP is ClearOS getting from the Dlink when it is in bridge mode? Does ClearOS work when the router is not in bridge mode?

  • Hi Miguel,

    Welcome to the site. I am deleting your other post. New forum members have their first couple of posts moderated so they can't see them immediately and double-posting happens.

    I know nothing about ebtables, but if you want rules to fire automatically on every firewall restart, you can put them in /etc/clearos/firewall.d/local. There is no GUI in ClearOS for ebtables.

    Nick

  • It should not happen and did not with mine - I rebooted a week or so ago. How much free space do you have in /boot?

  • I've just bumped into a problem with my ipset setup! If I do:nothing gets blocked but if I do(no -i enp2S0) then it works. It looks like there is some interplay with the parameters. I am posting to the netfilter list to try and see what is going on.

    (note $IPTABLES = "iptables -w" in a firewall script)

  • Nick Howitt
    Nick Howitt's reply was accepted as an answer

    Re: Network Design for ClearOS with Wireless

    I'm going to delete your other post which is a duplicate, just to keep things tidy. If you're a new poster your first couple of posts get moderated so they don't appear immediately.

    How you can set your system up can depend on how you connect to the internet and how you want ClearOS to work. If you have a separate modem you don't (shouldn't) need your router1. ClearOS can connect directly to your modem.

    Is your modem cable or ADSL? If it is cable, it will probably pass your WAN IP straight through to ClearOS. If it is ADSL it will probably give ClearOS a private IP - you should be able to see what WAN IP your router1 is getting.

    For router2, if ClearOS has only one LAN NIC, connect a LAN port on the router to the ClearOS LAN, but you must disable the DHCP server in the router and give it a fixed IP on the ClearOS LAN subnet. In this configuration your wired and wireless devices are all on the same subnet.

    If your modem is ADSL, for a more advanced set up, you can try setting your modem to bridge mode then change your ClearOS WAN type to PPPoE. In this configuration, ClearOS will get your WAN IP directly.

  • I'm going to delete your other post which is a duplicate, just to keep things tidy. If you're a new poster your first couple of posts get moderated so they don't appear immediately.

    How you can set your system up can depend on how you connect to the internet and how you want ClearOS to work. If you have a separate modem you don't (shouldn't) need your router1. ClearOS can connect directly to your modem.

    Is your modem cable or ADSL? If it is cable, it will probably pass your WAN IP straight through to ClearOS. If it is ADSL it will probably give ClearOS a private IP - you should be able to see what WAN IP your router1 is getting.

    For router2, if ClearOS has only one LAN NIC, connect a LAN port on the router to the ClearOS LAN, but you must disable the DHCP server in the router and give it a fixed IP on the ClearOS LAN subnet. In this configuration your wired and wireless devices are all on the same subnet.

    If your modem is ADSL, for a more advanced set up, you can try setting your modem to bridge mode then change your ClearOS WAN type to PPPoE. In this configuration, ClearOS will get your WAN IP directly.

  • Nick Howitt
    Nick Howitt replied to a discussion, DynDNS Updater 3.1

    I don't see that this would work. You don't get any access to your poweredbyclear.com to set up subdomains. DynDNS Updater is to update accounts at DynDNS and not generally. Also I think it is a Windoze only updater.

    If you own you own domain, you could have the DynDNS Updater running on your Mum's PC. Then you set up a CNAME record for mom.my_ClearOS_Domain.xxx pointing to her DynDNS FQDN.

  • If you really wanted to be cute, you could clone clients.conf and change a few parameters (port, ipp.txt and subnet) and have this cloned conf listen on a different port - I use 1195. Then if you connect to 1194 you get normal browsing and if you connect to 1195 all traffic is redirected through the VPN. I use this to watch BBC from abroad and to see the UK version of their news site.