These commands works, but after reboot the device the ttl back to original. Any additional command can keep the ttl settings? Like load that nft file automatically when reboot
Not quite. Once you’re done making the directory, execute that command line beginning with echo. Then reload by the fw4 command to have the new firewall changes take effect.
This setting won’t survive a reboot/power cycle though. To do that, add that same echo command line to the Local Startup page @wcs2228 mentioned as the last line beforeexit 0. Do the same again for fw4 reload immed. before exit 0. Don’t forget to hit the save button(s), of course.
Section block_dns (block_dns) is disabled, ignoring section
Section gls2s option ‘reload’ is not supported by fw4
Section gls2s specifies unreachable path ‘/var/etc/gls2s.include’, ignoring sect ion
Section glblock option ‘reload’ is not supported by fw4
Section vpn_server_policy option ‘reload’ is not supported by fw4
Automatically including ‘/usr/share/nftables.d/chain-pre/mangle_output/01-proces s_mark.nft’
Automatically including ‘/usr/share/nftables.d/chain-pre/mangle_postrouting/01-s et-ttl.nft’
DROP all opt – in * out * 0.0.0.0/0 → 0.0.0.0/0 match-set GL_MAC_BLOCK sr c
No need to SSH into router, Really like this use in advanced settings, System, Startup, Local Startup tab… insert 3 or 2 lines of the above code, line one is only run once, then add # before it to stop execution.
Line 1 mkdir -p /usr/share/nftables.d/chain-pre/mangle_postrouting/
Line 2 echo “ip ttl set 88” > /usr/share/nftables.d/chain-pre/mangle_
postrouting/01-set-ttl.nft
Line 3 fw4 reload
Reboot the router
I’ve got an A1300 and it’s on OpenWRT 21 and firewall3 not 4. Tried the above commands but doesn’t seem to work with the older version. Anyone ran into this? I see tons of stuff for the older ip table stuff and nftable stuff for version 22 but not 21 and fw3