Hello, i did that update and now both Adblock and Banip from Luci are not working. The Banip service can’t even start now. I did a factory reset but it remains the same. I can replace Adblock with Adguard Home but not Banip. Something changed with 4.9.0 OP24 that affects the Luci packages? Someone here with the same problem? Previous i was running 4.8.3 OP24.
Edit: I got Banip service working again after going to Luci System/Startup. It was enabled there but i pressed Start and Restart… and i worked. I did a reboot and it’s still working.
No worry — you can attach screenshots and the moderators will review them (this is to prevent those nasty ad bots, we had to tighten some post rules, but we won’t restrict images posted by legitimate users, once reviewed they will be displayed).
I checked the screenshots in PM, thanks for providing them, looks no problem.
This is not a bug nor an intentional miss it.
If the VPN tunnel is connected while ADG is disabled, the client (domain name resolution) will use the VPN tunnel’s DNS (via dnsmasq) — that’s expected.
If the VPN tunnel is connected and ADG is also running, dnsmasq will hand domain name resolution to ADG, so ADG will use the DNS server you have configured there to resolve names — that’s also expected.
Using a non-VPN tunnel DNS to resolve names does not mean a DNS leak.
What constitutes a DNS leak? For example, if you test with multiple DNS leak test websites and see your local DNS server appearing, that probably indicate a leak — but to be thorough we should capture packets on the WAN interface to confirm whether DNS requests are actually going out via the WAN.
Only DNS requests that go out via the WAN interface count as a DNS leak.
Could you share your router with us so we can take a look?
Stupid me. The "Allow Custom DNS to Override VPN DNS" option was enabled. After unchecking it, the DNS leak disappeared and DNS requests are now correctly routed through the VPN.
I’ve just noticed that my GL port forwardings don’t show up in LuCI interface and they don’t work at all.
Is there any workaround other than painstakingly adding manually on LuCI?
Is it MT6000 and is it v4.9.0-op24_beta2 firmware?
After GL GUI configured port forwarding, Luci will indeed not be displayed, but the port forwarding is actually working.
If you configured port forwarding in the GL GUI and it doesn't work, please try to check if there are ports conflict, if the configuration file is recorded or correct?
I stand corrected: using SSH I can see that port forwarding is still there, but it doesn't do anything.
I have multiple services on my LAN that are published on WAN (such as WebDAV) that can't be discovered (especially WebDAV that even with IPv6 or using DDNS won't work on WAN)
If I can do anything to fix it or debug it, please let me know
Hmm I have checked this on the 4.9.0 firmware on the brume 3.
I cannot replicate this, however because you also talk about ipv6 usually that does not need a port forward, only if you got a really small block of ipv6 you use nat6, normally only a firewall ACL rule for acceptance is fine.
My question though is masquarading still enabled on wan ?
Please confirm that the configuration file shows all port forwarding rules you configured?
Please confirm if the firmware is downgraded to v4.8.3-op24 and the port forwarding rules are brand-new configured, will they work?
If it works in v4.8.3-op24, please upgrade to v4.9.0-op24 again (do not keep settings), configure port forwarding rules, and conduct the following tests:
NOTE: the IP address in nc is the Flint2 WAN port IP, not LAN client IP.
If Connection refused, it means there is a problem with Flint2's port forwarding or client's port listening / firewall issue.
If open, it means that Flint2 port forwarding works without issue. Probably the ISP blocks the port or other reasons on the upper-level network.
The "Allow Custom DNS to Override VPN DNS" option was enabled. After unchecking it, the DNS leak disappeared and DNS requests are now correctly routed through the VPN.
