
Re: How do I connect my new wifi router (Mi Router 4C)?



On 08/11/2023 20:39, Martin wrote:
Here is the output from the phone connected to the WiFi setup program:
Default gateway: 192.168.231.3

It seems dnsmasq is able to serve reasonable settings with minimal configuration.

         chain postrouting {
                 type nat hook postrouting priority srcnat; policy accept;
                 ip saddr 192.168.231.0/24 oifname "wlxe8de27a5ab1c" masquerade

You had a rule that was working for you.

I do not see obvious issues with this one, besides that docker0 instances are likely inaccessible from the phone.

10:47:52.614642 enp3s0 In  IP 192.168.231.243.48257 > 192.168.231.3.53: 29809+ A? www.google.com. (32)
10:47:52.614851 wlxe8de27a5ab1c Out IP 192.168.0.16.34673 > 81.24.247.14.53: 10155+ A? www.google.com. (32)
10:47:52.614902 wlxe8de27a5ab1c Out IP 192.168.0.16.34673 > 81.24.247.44.53: 10155+ A? www.google.com. (32)
10:47:52.791389 wlxe8de27a5ab1c In  IP 81.24.247.14.53 > 192.168.0.16.34673: 10155 1/0/0 A 142.251.208.132 (62)
10:47:52.791559 enp3s0 Out IP 192.168.231.3.53 > 192.168.231.243.48257: 29809 1/0/0 A 142.251.208.132 (62)
10:47:52.794704 enp3s0 In  IP 192.168.231.243.46639 > 142.251.208.132.80: Flags [S], seq 4183167263, win 29200, options [mss 1460,sackOK,TS val 19413 ecr 0,nop,wscale 6], length 0
10:47:52.846385 enp3s0 In  IP 192.168.231.243.46640 > 142.251.208.132.80: Flags [S], seq 1626803236, win 29200, options [mss 1460,sackOK,TS val 19418 ecr 0,nop,wscale 6], length 0

Since packets from wlxe8de27a5ab1c to 142.251.208.132:80 are missing, perhaps IP forwarding is disabled or there is a blocking forwarding rule in the firewall. If I am not wrong, masquerading should affect the source IP address of forwarded packets, but not their presence.

Warning: if you have not configured network interfaces for DHCP in dnsmasq
then do it. Otherwise other computers connected to the upstream WiFi link
may receive DHCP leases emitted from wlxe8de27a5ab1c.

The only thing I added to the dnsmasq configuration is one line in the
/etc/dnsmasq.d/myHomeDHCPrange file:
dhcp-range=192.168.231.241,192.168.231.254,12h

Dnsmasq may be smart enough not to send DHCP leases to interfaces with addresses inconsistent with the specified range, but I would still limit the interfaces that dnsmasq listens on.

On 08/11/2023 21:30, Anssi Saari wrote:

systemctl start nftables.service

So if you're experimenting, you edit /etc/nftables.conf and after
editing run systemctl restart nftables.service

And be prepared that this command flushes away rules added by docker. It is the reason why earlier I suggested creating a dedicated file that may reload a specific set of rules using "nft -f".

The current set of rules is more important than the state of the service.
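An added example, not part of the original message: the check applied by eye to the capture above, as a script that reports destinations seen arriving on the LAN interface with no packet leaving on the WAN interface. The function name, the regular expression and the `local_addrs` parameter are assumptions; the sample lines are copied from the capture quoted in the message.

```python
import re
from collections import defaultdict

# Lines in "tcpdump -i any" format, copied from the capture quoted above.
CAPTURE = """\
10:47:52.614642 enp3s0 In  IP 192.168.231.243.48257 > 192.168.231.3.53: 29809+ A? www.google.com. (32)
10:47:52.614851 wlxe8de27a5ab1c Out IP 192.168.0.16.34673 > 81.24.247.14.53: 10155+ A? www.google.com. (32)
10:47:52.614902 wlxe8de27a5ab1c Out IP 192.168.0.16.34673 > 81.24.247.44.53: 10155+ A? www.google.com. (32)
10:47:52.791389 wlxe8de27a5ab1c In  IP 81.24.247.14.53 > 192.168.0.16.34673: 10155 1/0/0 A 142.251.208.132 (62)
10:47:52.791559 enp3s0 Out IP 192.168.231.3.53 > 192.168.231.243.48257: 29809 1/0/0 A 142.251.208.132 (62)
10:47:52.794704 enp3s0 In  IP 192.168.231.243.46639 > 142.251.208.132.80: Flags [S], seq 4183167263, win 29200, options [mss 1460,sackOK,TS val 19413 ecr 0,nop,wscale 6], length 0
10:47:52.846385 enp3s0 In  IP 192.168.231.243.46640 > 142.251.208.132.80: Flags [S], seq 1626803236, win 29200, options [mss 1460,sackOK,TS val 19418 ecr 0,nop,wscale 6], length 0
"""

# timestamp, interface, direction, "IP", src.port > dst.port:
LINE = re.compile(
    r"^\S+ (?P<ifc>\S+)\s+(?P<dir>In|Out)\s+IP (?P<src>\S+) > (?P<dst>[^:\s]+):"
)

def split_endpoint(endpoint):
    """Split tcpdump's 'a.b.c.d.port' notation into (address, port)."""
    host, _, port = endpoint.rpartition(".")
    return host, port

def unforwarded(capture, lan, wan, local_addrs):
    """Map (dst_ip, dst_port) -> packet count for traffic that came In on
    `lan` for a non-local destination and never went Out on `wan`.
    Matching is by destination only, because masquerading rewrites the
    source address but leaves the destination untouched."""
    seen_in = defaultdict(int)
    seen_out = set()
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        dst = split_endpoint(m["dst"])
        if m["ifc"] == lan and m["dir"] == "In" and dst[0] not in local_addrs:
            seen_in[dst] += 1
        elif m["ifc"] == wan and m["dir"] == "Out":
            seen_out.add(dst)
    return {d: n for d, n in seen_in.items() if d not in seen_out}

if __name__ == "__main__":
    # 192.168.231.3 is the gateway address shown by the phone.
    for (ip, port), n in unforwarded(
        CAPTURE, "enp3s0", "wlxe8de27a5ab1c", {"192.168.231.3"}
    ).items():
        print(f"{n} packet(s) to {ip}:{port} entered the LAN side but never left")
```

The DNS query is not reported because it is addressed to the gateway itself and answered locally; only the two SYN packets to port 80 show up as entering without leaving.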

