Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I recently ported Luci to an OpenWrt router. I was just exploring the thing. I disabled the DHCP server on LAN and enabled as DHCP client. I saved and applied the configuration to the router. Now after a restart I am not able to connect the router webpage.
How do I enable the DHCP server again or can anyone let me know how to reset this OpenWrt router to default settings?
I tried in the serial port console. but I can't see any IP address for any interfaces. Before It was 192.168.1.1.
Please suggest...
Those who are facing this problem: Don't panic.
Short answer:
Restart your router, and this problem will be fixed. (But if your restart button is not working, you need to do a nine-step process to do the restart. Hitting the restart button is just one of them.)
Long answer: Let's learn how to restart the router.
Set your PC's IP address: 192.168.1.2 and subnetmask 255.255.255.0 and gateway 192.168.1.1
Power off the router
Disconnect the WAN cable
Only connect your PC Ethernet cable to ETH0
Power on the router
Wait for the router to start the boot sequence (SYS LED starts blinking)
When the SYS LED is blinking, hit the restart button (the SYS LED will be blinking at a faster rate means your router is in failsafe mode). (You have to hit the button before the router boots.)
telnet 192.168.1.1
Run these commands:
mount_root ## this remounts your partitions from read-only to read/write mode
firstboot ## This will reset your router after reboot
reboot -f ## And force reboot
Log in the web interface using web browser.
link to see the official failsafe mode.
Some addition to previous comments: 'firstboot' won't be available until you run 'mount_root' command.
So here is a full recap of what needs to be done. All manipulations I did on Windows 8.1.
Enter Failsafe mode (hold the reset button on boot for a few seconds)
Assign a static IP address, 192.168.1.2, to your PC. Example of a command: netsh interface ip set address name="Ethernet" static 192.168.1.2 255.255.255.0 192.168.1.1
Connect to address 192.168.1.1 from telnet (I use PuTTY) and login/password isn't required).
Run 'mount_root' (otherwise 'firstboot' won't be available).
Run 'firstboot' to reset.
Run 'reboot -f' to reboot.
Now you can enter to the router console from a browser. Also don't forget to return your PC from static to DHCP address assignment. Example: netsh interface ip set address name="Ethernet" source=dhcp
You can run this command for making a factory reset:
killall dropbear uhttpd; sleep 1; mtd -r erase rootfs_data
If you installed the SquashFS image you can run the script firstboot. That will return OpenWrt to the defaults of when you flashed the router.
With your serial access just run firstboot and then power cycle the device.
If you enabled it as a DHCP client then your router should get an IP address from a DHCP server. If you connect your router on a net with a DHCP server you should reach your router's administrator page on the IP address assigned by the DHCP.
Related
I've been poking around the internet trying to get an answer to this one but so far I've only seen it as "normal" behavior.
I have a fedora 29 host configured to send rsyslog messages over the default 514 port. That works as intented and has been for some time now. I had a client notice that the host would "listen" on an ephemeral port that appears to change with each reboot:
ss -tulnp | grep 46852
udp UNCONN 1536 0 0.0.0.0:468520.0.0.0:* users:(("rsyslogd",pid=676,fd=15))
also:
lsof -i :46852 -P
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rsyslogd 676 root 15u IPv4 24836 0t0 UDP *:46852
Anyone know why rsyslog is doing this? It appears to be default behavior, and I'm not worried about it as the port can't be hit externally (firewall prohibits it) but just wanted to understand it. I also couldn't find anything in the rsyslog docs that talked about it.
Thanks!
This is just observed behavior I am curious about.
This isn't something that rsyslog is doing, but rather your OS.
Clients are assigned port numbers (random and sequential) by your operating system, as part of the sequence of system calls, that create a network connection. For example TCP and UDP typically use an "ephemeral" port for the client-end of a client–server communication.
These port numbers are - as you said - called "ephemeral" because they are valid only for the life of the connection and have no special significance.
As to why ephemeral ports are used.. I don't know. Maybe someone on ServerFault or Network Engineering can answer this question.
From my understanding ephemeral ports can be used either temporary or private. So if a service (temporarily) needs a port it can use an ephemeral port. After the service has done it's requests and has timed-out for some time, the port is released and can be used by some other service. This way a service doesn't block a port even though it doesn't even use it, or just frequently uses it.
I have deployed the Spring boot app on the OCI compute and its comping up nicely. Compute is created with public ip and have the security list updated to allow connections from internet. But, I wasn't able to hit the end point from internet. For that reason, I thought of configuring the load balancer.
Created load balancer in a separate subnet(10.0.1.0/24), routing table and security list. Configured the LB's security list to send all protocol packets to compute's CIDR(10.0.0.0/24) and configured compute's security list to accept the packets from LB. I was expecting LB to make connection with back end. But, its not.
I am able to hit the LB from internet :-
Lb's routing table with all ips routed through internet gateway. There is no routing defined for compute's CIDR as its in the VCN.
LB has its own security list, which has allowed out going packets to compute and incoming from internet as below:
Compute's security list accepting packet's from LB:
Let me know, if I am missing something here.
My internet gateway :-
My backend set connection configuration from LB:
LB fails to make connection with backend, there seems to be no logging info available :
App is working fine , if I access from the compute node :
The LB has a health check that tests the connection to your service. If it fails, the LB will keep your backend out of rotation and give you the critical health like you're seeing.
You can get to it by looking at the backend set and clicking the Update Health Check button.
Edit:
Ultimately I figured it out, you should run the following commands on your backend:
sudo firewall-cmd --permanent --add-port=8080/tcp
sudo firewall-cmd --reload
Use the port that you configured your app to listen on.
I used httpd instead of spring, but I also did the following
sudo semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?"
sudo restorecon -F -R -v /var/www/html
I'm not really too familiar with selinux but you may need to do something similar for your application.
Additionally, setting up a second host in the same subnet to login to and test connecting to the other host will help troubleshooting, since it will verify if your app is accessible at all outside the host that it's on. Once it is, the LB should come up fine.
TL;DR In my case it helped to switch the Security List rules from stateful to stateless on the 2 relevant subnets (where the loadbalancer was hosted and where the backends were located).
In our deployment I had a loadbalancer with public IP located on one subnet, while the backend to this loadbalancer was on another subnet. Both subnets had one ingress and one egress rule - to allow everything (i.e. 0.0.0.0/0 and all ports allowed). The backends were still not reachable from the loadbalancer and the healthchecks were failing.
Even despite the fact that in my case as per the documentation switching between stateful and stateless should not have an effect, it solved my issue.
I have set up an Google Cloud Compute Instance:
Machine type
n1-standard-1 (1 vCPU, 3.75 GB memory)
CPU platform
Intel Haswell
Zone
us-east1-c
I can ssh in using the external address.
I have installed the vncserver and can access it on port 5901 from localhost as well as the internal IP.
I am trying to access it from the static, external IP address but it is not working.
I have configured the firewall to open to port to 0.0.0.0/0, but it is not reachable.
Can anyone help?
------after further investigation from the tips from the two answers (thanks, both!), I have a partial answer:
The Google Cloud Compute instance was set, by default, to not allow
HTTP traffic. I reset the configuration to allow HTTP traffic. I
then tried the troubleshooting tip to run a small HTTP service in
python. I was able to get a ressponse from the service over the
internet.
The summary of the current situation is as follows:
The external IP address can be reached
It is enabled and working for SSH
It is enabled and working for HTTP
It does not seem to allow traffic from vncserver
Any idea how to configure the compute instance to allow for vncserver traffic?
If you already verified that Google Firewall or your VM are not blocking packets, you must make sure that VNC service is configured to listen on the external IP address.
You can always use a utility like nmap outside Google project to reveal information on the port status.
enable http/https traffic form the firewall as per the need. it will work!!
The Google Cloud Compute instance was set, by default, to not allow HTTP traffic. I reset the configuration to allow HTTP traffic. I then tried the troubleshooting tip to run a small HTTP service in python. I was able to get a response from the service over the internet.
As such, the original question is answered, I can access Google Cloud Compute Instance External IP. My wider issue is still not solved, but I will post a new, more specific question about this issue
TLDR: make sure you are requesting http not https
In my case i was following the link from my CE instance's External Ip property which takes you directly to the https version and i didn't set up https, so that was causing the 'site not found' error.
Create an entry in your local ssh config file as below with mentioned local forward port. In my case its an example of yarn's IP, which I want to access in browser.
Host hadoop
HostName <External-IP>
User <Local-machine-username>
IdentityFile ~/.ssh/<private-key-for-above-user>
LocalForward 8089 <Internal-IP>:8088
In addition to having the firewall rules to allow HTTP traffic in both Google Cloud Platform and within the OS of the instance, make sure you install a web server such as Apache or Nginx.
After installing the web server, you connect to the instance using SSH and verify you do not get a failed connection with the following command:
$ sudo wget http://localhost
If the connection is positive, it means that you can access your external URL:
http://<IP-EXTERNAL-VM>
Usually there are two main things to check.
1. Port
By default, only port 80, 443 and ICMP are exposed. If your server is running on a different port, create a record for the same.
2. Firewall
Make sure you are allowing http and https traffic based on your need.
oua re
For me the problem was that I set up the traffic for the firewall rule to be 'Egress' instead of 'Ingress'.
If anyone already initiated 'https'
just disable it and check again.
I'm running Ubuntu 14.04 when where I give any url even gmail.com it is showing "This Connection is untrusted". Its quite irritating for every website I have to add exception & for few of the website Add exception option is also missing.
Can anyone tell me how to remove this exception from my system.
First of all, don't do any banking or eCommerce through your computer at this time. The errors may actually point at a security hole in your computer.
Now onto debugging. Make sure your computer's date, time, and timezone are setup correctly. An off time could make the certificates invalid by showing that they are expired.
Run nm-tool (you may have to sudo) and look for the DNS entries. Your DNS should point at a server you know. A 192.168.#.# or 10.0.#.# entry is a DNS server running on your private LAN (most likely a router or switch). If the DNS servers are set to something not on your LAN or Google's DNS servers (8.8.8.8 and 8.8.4.4) change them to Google's DNS servers (just to test) by editing /etc/resolvconf/resolv.conf.d/base (with root) and add
nameserver 8.8.8.8
nameserver 8.8.4.4
Now run
sudo resolvconf -u
sudo service network-manager restart
and test if you are still getting SSL certificate issues.
Mozilla
Go to Tools-->Options-->Advanced-->Encryption.
Click on [View Certificates].
Select the "Servers" tab.
Select the exception to delete.
Click [Delete].
I had to reset my router and modem, after a 3 hour task of getting those working properly again I can connect to the internet.
I had WordPress running locally on MAMP and the IP address I'd connect to was http://192.168.1.141:8888, now I can't access this address at all locally, the page never properly loads. http://localhost:8888/MAMP/ does load, I can access phpMyAdmin, start page etc.
However localhost:8888 sort of 'half' loads? I can see the title of the site I have running locally in the browser tab and at the bottom it says 'connecting to http://192.168.1.141:8888' but it never loads properly.
Restarted MAMP, cleared browser cache, restarted computer etc, nothing fixes it.
While 192.168.1.141 is the address you used to connect to, after resetting your router and modem, depending on how your router assigns IP addresses (statically or dynamically), your IP address may have changed.
How to check your ip address on Windows:
Click start menu
type in cmd.exe
type ipconfig into the terminal
your ip address should be listed in the results
#gilsho: ifconfig is the *nix command, MAMP I think stands for Microsoft / Apache / Mysql / PHP.
Correction: #gilsho: you are right. MAMP is Mac, so you would use ifconfig.
http://en.wikipedia.org/wiki/MAMP
Once you confirm your ip address, we can continue to help you.
Edit: To make things easier for you, I would go into your router (usually 10.0.0.1 or 192.168.0.1) and set up your ip address to a static one (they usually make it easy for you; your mac address can be found in the ipconfig results, just assign the mac address to an ip address in the range it assigns you. That way, the router will always give you the same ip regardless of whether it is restarted or not.). This will not mean you can access your webpage outside of your router network though.
Edit #2:
Try using a simple index.html (maybe your apache comes with one) that you can try loading. Perhaps it is your webpage that bricks something while loading. In any case, it's best to simplify the problem. If you can load a simple html "hello world" page, then it's likely a problem with your code.
Edit #3:
Is your webpage using any additional technologies? You have PHP, Python, Ajax/jQuery, etc. etc. If one of these components or plugins is missing or not configured, you may also see problems such as loading issues, 405/500 errors, etc.
Routers typically use DHCP to hand out local IP address to host machines. I suspect that when you restarted your router your machine received a different IP address. In order to find your new IP address, run:
ifconfig
from the command line. The output should look something like this:
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether c9:a4:51:43:5b:1b
inet6 fe80::bae8:56ff:ae23:5c1a%en0 prefixlen 64 scopeid 0x4
inet6 2601:9:400:1185:bae8:56ff:fe43:5b1a prefixlen 64 autoconf
inet6 2601:9:400:1185:fdcd:395b:4671:7cbf prefixlen 64 autoconf temporary
inet 192.168.1.113 netmask 0xffffff00 broadcast 192.168.1.255
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
search for the inet field, that's your current local IP address.
Ok well that took FOREVER to fix, but after I managed to reset my router and set all that up again I decided to use manual DHCP and just changed it back to my old local IP.
God, working with any equipment you get from an ISP is a nightmare.