设为首页收藏本站
开启辅助访问 切换到窄版

 找回密码
 注册

QQ登录

只需一步,快速开始

搜索
宽带技术网»首页 ::::: 技 术 交 流 区 ::::: 『 光猫FTTx技术交流区 』 深圳电信IPV6外网无法访问电脑任何端口,友华光猫型号PT ...
12
返回列表 发新帖
楼主: gwaiter

深圳电信IPV6外网无法访问电脑任何端口,友华光猫型号PT925G

[复制链接]
gwaiter
 楼主| 发表于 2021-6-29 19:52:49 | 显示全部楼层
开日志发现关键,run out先不管$ I6 h# w- G6 h4 W1 I* }# e9 Q
那每当我从外网测试内网IPV6的时候就会出现下面的Warning/ @3 S% M# f4 s) W3 a) R( c- n
高手指导一下怎么解决,应该解决这个,网络就通了syslog: Ignoring non-LinkLocal MLD from :: received on br0/33$ i6 p0 i8 |+ m! \% Q8 [" y
2021-06-29 19:50:09        Warning        kernel: run out of client entry!9 R7 B" X3 G2 t) M" [* R
2021-06-29 19:50:09        Warning        kernel: run out of client entry!
8 i/ ^8 L7 D  ]4 ]7 G. g4 M2021-06-29 19:50:09        Warning        kernel: run out of client entry!
7 o" F6 Q1 K! U! I) B2021-06-29 19:50:09        Warning        kernel: run out of group entry!
1 R- `) S! `" h) @9 n1 o2021-06-29 19:50:09        Warning        kernel: run out of group entry!) t/ e# P5 g, X4 n( `. j& \
2021-06-29 19:50:09        Warning        syslog: Ignoring non-LinkLocal MLD from :: received on br0/33  F  \) w( V$ Q: d' A$ ~  p5 f& i
2021-06-29 19:50:09        Warning        kernel: run out of group entry!
1 o( B7 E! \" I! L- u$ l2021-06-29 19:50:09        Warning        kernel: run out of group entry!! o* \+ \5 A) M& R. y5 |  y
2021-06-29 19:50:09        Warning        kernel: run out of group entry!
4 g: ?* {5 |6 U* V2021-06-29 19:50:09        Warning        kernel: run out of group entry!- k" z( W1 w- q1 p$ k, L
2021-06-29 19:50:09        Warning        kernel: run out of group entry!9 g4 Y. s3 z5 M8 l# }1 b# B
2021-06-29 19:50:09        Warning        kernel: run out of group entry!/ e5 t; u  o7 v4 G- g0 k2 p& o
2021-06-29 19:50:09        Warning        kernel: run out of group entry!
: H# c1 T1 t' b0 f, L* Z2021-06-29 19:50:09        Warning        kernel: run out of group entry!
# T9 V* b- @; {- w2021-06-29 19:50:09        Warning        kernel: run out of group entry!
, C# G- p4 J  o" W4 p2021-06-29 19:50:09        Warning        kernel: run out of group entry!
1 t2 u2 P, d; b$ c* T2021-06-29 19:50:09        Warning        kernel: run out of group entry!0 x) V/ l8 k/ h
2021-06-29 19:50:09        Warning        kernel: run out of client entry!
: t* ~9 l, C  D, j- w2021-06-29 19:50:10        Warning        kernel: run out of group entry!6 Y* _9 W/ O2 d% _: y% H
2021-06-29 19:50:10        Warning        kernel: run out of group entry!
) I- T" [" b: k$ [# q% r2021-06-29 19:50:10        Warning        kernel: run out of client entry!+ [0 }8 A# a# u  n
2021-06-29 19:50:10        Warning        kernel: run out of client entry!
& y" S9 i3 \! Y. K2021-06-29 19:50:10        Warning        kernel: run out of client entry!. q% M) r+ {; m8 Z, {
2021-06-29 19:50:10        Warning        kernel: run out of group entry!, B' e1 Y9 G# Z. N5 j% T
2021-06-29 19:50:10        Warning        kernel: run out of client entry!% K  L; b5 f/ w
2021-06-29 19:50:10        Warning        kernel: run out of client entry!
+ l, I8 Y9 z  o  g% V) P4 J2021-06-29 19:50:10        Warning        kernel: run out of group entry!  X+ w: `% u+ ]0 O
2021-06-29 19:50:11        Warning        kernel: run out of client entry!% p+ h$ D) |" |
2021-06-29 19:50:11        Warning        kernel: run out of client entry!
) n2 `! }+ w8 w4 j+ ^2021-06-29 19:50:11        Warning        kernel: run out of client entry!% _1 y! R, ?4 [* Q
2021-06-29 19:50:11        Warning        kernel: run out of client entry!
/ c, J& e# X5 G8 \2021-06-29 19:50:11        Warning        kernel: run out of group entry!
3 a; y& o! a  d6 ?0 h2 f$ ?3 f2021-06-29 19:50:11        Warning        kernel: run out of group entry!8 s8 C5 J+ b7 g2 }6 w* B6 U! y& j

6 |9 K* B9 `7 X
回复

举报

gwaiter
 楼主| 发表于 2021-6-29 21:26:38 | 显示全部楼层
给各位认真研究问题的一个小福利,上面的问题虽然暂时没解决,但是我发现一个明显提升IPV6稳定性的设置方法,任何光猫xml文件里调整这几个值,如下:8 y# S' B  y5 P8 u  k& J% Z  F
! z) _+ n" D$ k! i, F
基本上IPV6就稳定不掉了,设备更新、获取IPV6地址速度也超快,具体这几个值什么作用呢?自行搜索一下,就不解释了。
  u* `. c  }$ x% ~7 M' G电信默认的值太大,导致IPV6经常性的不稳定。
) C' e* j. G$ `5 H
" p; ]# N9 V. s% v+ x  <Value Name="DHCPV6S_REBIND_TIME" Value="120"/>- ?6 ?0 x* L+ v3 W$ [: m, l, A
  <Value Name="DHCPV6S_RENEW_TIME" Value="60"/>
" n9 n( b5 e/ ^; B' F5 N
, }* ]$ l" l- [! E& W<Value Name="V6_ADVDEFAULTLIFETIME" Value="60"/>% e1 i: j0 i, j6 ]: T. b* I
4 c- t- S2 C- c
  <Value Name="V6_MINRTRADVINTERVAL" Value="30"/>
! x$ U$ D2 b5 r" T2 {, a* o( X <Value Name="V6_MAXRTRADVINTERVAL" Value="40"/>
回复

举报

gwaiter
 楼主| 发表于 2021-7-1 00:12:33 | 显示全部楼层
折腾半天,又找到一张桥接路由表了,看样子防火墙还真不止一个,但是这个表接口太多,不敢乱动,头大试了都加上ACCEPT不行,-t brouter 里全加DROP或ACCEPT也不行,还要继续研究
! y1 {; s- u5 G
' ^  a, v  d" b# y$ \: I#ebtables -L" O$ s9 }0 [: n5 l9 h: W0 A7 m9 E
Bridge table: filter
* K  S0 ]4 e( a. s2 e
, c2 h2 }; E. ~& `Bridge chain: INPUT, entries: 5, policy: ACCEPT
0 n7 x5 W3 l5 i7 `5 r1 v6 E* @-j BRWANs_BIND_LANs
1 K. u( l' ^6 A( u# s: Y& S-j br_wan
: p( _8 l$ d+ |. f3 v-p IPv4 --ip-proto udp --ip-sport 68 --ip-dport 67 -j dhcps_disable
/ e) q+ u0 r% |1 L8 |. ], G* ]% i-j portmapping_igmp/ e9 r! c) s+ B- l  t% j
-i wlan+ -j WLACL_INPUT
. ~4 B/ s. N$ A
$ g# |2 z& x0 dBridge chain: FORWARD, entries: 10, policy: DROP
  E& k! R0 h5 S, e-o veth+ -j ACCEPT
$ ?# k$ z# M3 ]# o  y! O1 T3 R-i veth+ -j ACCEPT
" @, B) m4 k$ K" d- K1 B- x-j disBCMC: c& f0 K% J. g4 h' n' Z
-j wlan_block. Q+ i3 S! z' \6 N! W
-j br_pppoe; g* Y" t0 o4 n3 Z. k1 n
-j macfilter_r
" w) l- R4 ^6 d: ~! r6 ?, b* n) q-j internet_accessright_b" t) f2 [1 q" v$ s
-i wlan+ -j WLACL_FORWARD! d" g* c9 b- Z# R7 V
-j vlanmapping8 M. j: V8 i* w" B/ s+ ?) X
-j portmapping
" w. c" t3 ]+ n2 o
8 A$ U4 N( c& ~# b& @Bridge chain: OUTPUT, entries: 2, policy: ACCEPT& i1 `$ ?! _6 f7 }2 d- N9 T
-j BRWANs_BIND_LANs# y2 V9 q) g: \* t0 X
-j br_wan_out- [# |9 m- P: V5 h. P

$ M: {* \# T& d+ nBridge chain: BRWANs_BIND_LANs, entries: 2, policy: RETURN' |& h" S5 I* Y2 T1 b0 t& U/ Y
-p IPv6 -o eth0.3 -j DROP  r) g8 j% L% w7 Q4 M  s
-p IPv6 -i eth0.3 -j DROP, r6 ^) D7 N8 Q/ o

; C) V" R' a" L8 nBridge chain: br_wan, entries: 1, policy: RETURN
& e+ z  p8 y0 R* A( R! [: a) ]0 I-i nas0_2 -j DROP
3 o; u+ t. o+ y, w' d: c( x, Z' ]4 G  f/ ^) S: V' j( S( n, Z
Bridge chain: br_wan_out, entries: 1, policy: RETURN+ _- Z8 g+ U0 p9 n1 ~; m
-o nas0_2 -j DROP( S: N8 q$ M5 E2 h. X7 M& ]
5 v3 v. C+ X8 {. T0 n
Bridge chain: wlan_block, entries: 0, policy: RETURN0 `; p! V5 S' g# H
* l' i$ d: U% k- R' N
Bridge chain: br_pppoe, entries: 6, policy: RETURN
1 r1 F/ C4 T. g' b; ?2 {-p 802_1Q -i nas0_2 --vlan-encap PPP_DISC -j RETURN
2 D% O: r+ R2 g- d-p 802_1Q -i nas0_2 --vlan-encap PPP_SES -j RETURN. o8 w3 j' _' L% v
-p PPP_DISC -o nas0_2 -j RETURN( y& _& s6 Y& R0 V+ ?6 c
-p PPP_SES -o nas0_2 -j RETURN6 D% d5 s- R  V* K
-i nas0_2 -j DROP
; J& R6 L& S% |- n- @$ R-o nas0_2 -j DROP$ k4 V# ~7 b. D5 ^
. H9 {, b; d0 k
Bridge chain: macfilter_b, entries: 0, policy: ACCEPT
* I" |& O' c8 @" C7 k/ U
. B+ T; H/ q, w9 h: Y, c3 `Bridge chain: macfilter_r, entries: 0, policy: RETURN
9 u+ V' ?; ]3 j, T$ t/ a: R5 \* c+ d9 f$ T" y# Q  n8 C, m
Bridge chain: internet_accessright_b, entries: 0, policy: ACCEPT: V; r( k# P4 x

+ X5 y5 b9 K5 R/ J! v' OBridge chain: disBCMC, entries: 3, policy: RETURN
! g5 k3 o4 ~" H7 M& j3 v-p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type 130/0:255 -j RETURN% A: [# n/ n) ^% J
-d Broadcast -j DROP
+ `; S: n/ x7 y-d Multicast -j DROP+ X- |5 v7 o2 \

' D) @/ ^3 C; U4 r( A, ]$ p& IBridge chain: dhcps_disable, entries: 1, policy: RETURN, H& B: ?5 F+ e3 d6 z- ~+ B' L$ {
-i eth0.3 -j DROP% t" F2 B+ b6 k" i" W

$ X* r. ?9 T8 t) Q! ]/ cBridge chain: portmapping_igmp, entries: 1, policy: RETURN
( ?6 U" K8 [+ b9 z) j1 O. _-p IPv4 -i eth0.3 --ip-proto igmp -j DROP& F& Z& M- e& |: x' k8 K- w
5 p8 z( x2 W8 k1 u+ f% z7 {
Bridge chain: WLACL_INPUT, entries: 0, policy: RETURN) X( j/ L* f2 T8 O5 i1 |$ }

" _$ b. `+ ^2 [+ N: VBridge chain: WLACL_FORWARD, entries: 0, policy: RETURN) \* M' F7 V- Q6 @& N* \# p

' u2 X' p! C8 p3 z, [+ bBridge chain: vlanmapping, entries: 21, policy: DROP
8 g3 ]8 ]2 z7 N- O-i nas0_2 -j RETURN
4 b4 ]' i3 }! P* F! @6 b-i wlan1-vap6 -j RETURN4 g: W  Q% ]/ A7 [# @1 l/ K
-i wlan1-vap5 -j RETURN
5 }1 Q$ u5 w; h. |' m: T-i wlan1-vap4 -j RETURN: c; I" r0 @7 N0 x' W- \
-i wlan1-vap3 -j RETURN6 F$ `! F4 i- N' G
-i wlan1-vap2 -j RETURN* `9 w7 y7 O) q3 l* ~" K
-i wlan1-vap1 -j RETURN& ~; O' q! `/ r+ v& c8 F
-i wlan1-vap0 -j RETURN
  n) }( `/ Q3 _6 [-i wlan1 -j RETURN+ B1 L2 e/ L2 q+ J# i+ Z9 V3 r* u
-i wlan0-vap6 -j RETURN4 }  \2 g; Q' F5 D: G7 R
-i wlan0-vap5 -j RETURN
+ e* T7 U( _% |$ \-i wlan0-vap4 -j RETURN5 Y. b5 x6 A$ b9 f% z) ~3 ?
-i wlan0-vap3 -j RETURN
0 Z- U# f' M9 J-i wlan0-vap2 -j RETURN5 U4 O# X* `6 C8 \/ e* s
-i wlan0-vap1 -j RETURN5 c; f! S* T# R% R
-i wlan0-vap0 -j RETURN
  o$ t# ~' s. D# k, z$ V-i wlan0 -j RETURN6 H" H" Z# g  v! ~( _
-i eth0.5 -j RETURN! N4 d# M: S/ G# S; o# @
-i eth0.4 -j RETURN
: W* h9 r. Q/ L-i eth0.3 -j RETURN
! L# M& [: x' k( a) \  n-i eth0.2 -j RETURN
, H9 J( D) h, }. x+ L0 J
6 I. I1 W8 O  u2 c9 ?Bridge chain: portmapping, entries: 8, policy: ACCEPT. @5 u. K2 i8 k2 y$ X9 n
-i nas0_2 -o eth0.3 -j RETURN
3 w* L' l$ G0 r7 s& S-i eth0.3 -o nas0_2 -j RETURN
0 h9 H1 r# z$ A2 }# ^8 E6 B-i eth+ -o eth+ -j RETURN
% j6 b9 S" u1 R* x( m* t-i eth+ -o wlan+ -j RETURN
/ H% N) o- y7 u6 ^; V( X3 C-i wlan+ -o eth+ -j RETURN5 G5 G5 f% j" X0 b4 E% K
-i wlan+ -o wlan+ -j RETURN$ }- M# A, b8 n& _7 L7 x
-i eth0+ -j DROP
: b' q4 d, V* D) G-i wlan+ -j DROP
  ?8 {8 J4 I" X$ d+ P7 _. r4 ~* [/ ^4 g
4 D  i2 M+ o, Z6 G: u
8 v- b# c7 N+ `$ r; w
#ebtables -t broute -L9 J  g0 c, P0 ?5 P% F6 a6 O
Bridge table: broute( U) M; T9 x( V: Z5 v8 r

% D, v! O" h* PBridge chain: BROUTING, entries: 4, policy: ACCEPT
5 Y6 l0 G' Q0 Y* X* p-j broute_vlanmapping
0 m" e+ U7 z. ]0 R-j vlanbinding' N5 P- g0 M" Z3 v( a' }/ q1 e: K# O
-j br_pppoe
0 o5 L# a. i7 N-j qos_eb_rules8 h# Q! }7 v  F) _; w1 r% p& o/ l. N

% X: }) @# s' |* kBridge chain: br_pppoe, entries: 1, policy: RETURN& U- p+ Y' |% X" o6 D
-d 74:b7:b3:43:14:e8 -i nas0_2 -j DROP
& H% z' e/ b0 |- W& j
* t# N' u$ U& ?% n  |, A: {Bridge chain: broute_vlanmapping, entries: 0, policy: RETURN: D' }& g% H, G9 u0 `; J' N+ \: p
5 P/ J! l5 W2 g7 w; Y  N
Bridge chain: vlanbinding, entries: 0, policy: RETURN1 ~# V, K) |9 P- B) v- a$ B: t

" D9 r: K: A' p3 {Bridge chain: broute_chain_eth0.2, entries: 0, policy: RETURN
3 b: M" }5 ~( B# R
3 A( b3 z% U8 |; D, s& D- r2 SBridge chain: broute_chain_eth0.3, entries: 0, policy: RETURN# Y7 E  E9 p+ G$ v8 o9 a

6 G# N! ?9 W% R1 U) c+ d; v/ G% A. eBridge chain: broute_chain_eth0.4, entries: 0, policy: RETURN
3 y' R, H3 K9 k1 _" D+ F' r
6 h3 o, P) n+ Q7 z; {Bridge chain: broute_chain_eth0.5, entries: 0, policy: RETURN
* Y$ r- z- S8 Y1 |; O. ]" v' |9 o
" e4 T1 R! K, E4 t0 v; |/ j9 @Bridge chain: broute_chain_wlan0, entries: 0, policy: RETURN( R# I0 V1 S- f+ i3 S. F

4 i0 @9 W8 z- Q! x% Z( gBridge chain: broute_chain_wlan0-vap0, entries: 0, policy: RETURN4 I: t2 M9 q; S( e, A

3 `1 P2 E( F7 ~  }3 _. R3 J$ oBridge chain: broute_chain_wlan0-vap1, entries: 0, policy: RETURN5 t8 y. s" o, s3 b/ ]( B
" ?& N- u6 F1 h0 Y
Bridge chain: broute_chain_wlan0-vap2, entries: 0, policy: RETURN$ z( ?6 D. d8 q' ^' t; ]0 J' G$ J
! n5 H7 Z( S! R  D/ i  [* s
Bridge chain: broute_chain_wlan0-vap3, entries: 0, policy: RETURN
0 r! d- Y/ [0 G  X. w8 C7 b3 Q5 j" i) ?/ T) j& N; I
Bridge chain: broute_chain_wlan0-vap4, entries: 0, policy: RETURN
- q( F" p/ B0 R- B2 K8 b5 a1 ]
1 Q0 G/ U. e8 g2 f) W6 _4 n1 wBridge chain: broute_chain_wlan0-vap5, entries: 0, policy: RETURN, V6 I; a) K1 }  _8 O5 R

% s* s7 o  F" l, i" h: d( r5 tBridge chain: broute_chain_wlan0-vap6, entries: 0, policy: RETURN
5 a" M& u& {4 C; q. Z7 J  b9 Q$ h% `; ?8 A' {7 T2 L
Bridge chain: qos_eb_rules, entries: 8, policy: RETURN0 j- q( I, ~6 ?
-p IPv4 -i eth0.3 --ip-dst 255.255.255.255 -j mark --mark-or 0x100 --mark-target CONTINUE
# k+ X- W  a0 G+ Z) z-p IPv4 --ip-dst 255.255.255.255 --ip-proto udp --ip-sport 5060 -j mark --mark-or 0x200 --mark-target CONTINUE5 r6 `7 z  H$ E1 \2 `. i* ~# q" Q
-p IPv4 --ip-dst 255.255.255.255 --ip-proto udp --ip-sport 9000:9010 -j mark --mark-or 0x300 --mark-target CONTINUE
) h- Q0 k' q' z2 P9 ?-p IPv4 --ip-dst 192.168.111.34 -j mark --mark-or 0x400 --mark-target CONTINUE
- l2 b5 ]7 j$ e* N-p IPv4 --ip-dst 255.255.255.255 -j mark --mark-or 0x500 --mark-target CONTINUE
! Q" S& p. f. ~: q4 V$ Y-p IPv4 -j mark --mark-or 0x600 --mark-target CONTINUE
& U! g/ L2 s) ]( I( G+ w8 }3 \-p IPv4 -j mark --mark-or 0x700 --mark-target CONTINUE: h8 B* ~/ p+ v) C8 q) R1 C; h9 Z
-p IPv4 -j mark --mark-or 0x800 --mark-target CONTINUE- A' e1 ?* y8 Z7 a6 ]) q: f
) x0 u% d8 _- ?/ ]! s. C: j% J
) Y) ~5 H# ~$ ]' F* x
回复

举报

gwaiter
 楼主| 发表于 2021-7-1 00:24:19 | 显示全部楼层
说到桥接表,那必须要有接口信息才好研究,接口信息如下:: S: j& N% D# B6 ~5 F; C2 P" d
2 l$ Y2 j: U: ?9 P2 ^6 M- x
#ip addr show
6 a" T& J* H2 g$ r; h' C4 ?. `' D/ ^! U4 }" z; T! L6 S
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
7 r( [8 z! Q; p4 E! C3 S1 `! q7 v( }1 U5 [$ I( c
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00% @5 t0 c4 A; U: c4 i- y) @! @8 v) P

% G2 ?" X1 M: j, \. H+ p    inet 127.0.0.1/8 scope host lo
' Z! ]+ r1 @4 a5 f: A6 g, x+ v8 v2 [; u  ]! d9 s) j9 W6 E' J
       valid_lft forever preferred_lft forever
3 p! H% `( ?& p* N
( ~9 ^6 y5 p3 K2 N2: ifb0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 32
) M) m) y; a, }  E
- D/ k+ K3 M5 o3 w. B+ b. U" Y    link/ether b6:be:c8:6b:52:f9 brd ff:ff:ff:ff:ff:ff
9 V( E6 n; ]" f; z0 ~& L: a( g  h- U/ _- ?2 Z. N$ T& r
3: ifb1: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 32
/ f- K7 n3 @3 @" W* Y, T  ~" E! s0 p! R
    link/ether 9a:90:b4:6a:81:77 brd ff:ff:ff:ff:ff:ff/ n+ o! g0 T, [9 b% F1 q9 f2 O
9 |# ^+ h/ ?& r. T- h
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN qlen 1000
8 T" @) O3 M& g" p' e# v6 L* S# O6 }& @
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff1 \  {2 r' [4 z7 d! s' B

& u7 z! R9 G3 O" ?  B5: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000; j: a; F! I5 g/ j. Q, P: D% ]  ~

6 q" K) t  L" G! D    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff; W4 c5 R1 |' J: S  Y' ^

6 ?6 i. E/ _  n" l. H6: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
4 q" b% E7 E4 s, M! S; J% p+ `! y% S/ [
    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff2 l" P9 U$ A+ }5 h% j8 p( ~  r
. U) L/ ^3 T  D8 i! v
7: eth0.2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000
/ b8 U* U! ]1 e) q4 n2 c5 R4 \8 h6 p. f$ b
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff
0 q  R: k+ W- [" ^( d1 Q& [9 w% `% k, [
8: eth0.3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000
/ A" |: {* O- A0 k- \1 r8 ^' j( w' T- n
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff7 M) f' {1 T/ w$ d& W+ @  V

& g+ j2 t7 V$ a0 o2 ]. K9: eth0.4: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000
2 N: {& \& B" E) v; C; o. @6 p1 {- S, G8 Q
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff
% O6 D$ F5 @% h( c% T
# Y- v! K+ D. p; \7 F$ J10: eth0.5: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000
2 w+ ^, O# f7 s% Z8 j. k2 Q* p# D9 k$ S. l
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff' D3 R) Q& v! P& k

) {* m3 [6 M* d11: eth0.6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10002 p7 {6 O6 Z: d" f( U2 S

. ~& o3 ^, @& X    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff
: c2 M2 R6 _$ F. J7 ]' v% H) j. X5 l" C. o
12: nas0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 10001 ~2 H9 I! c  {4 Q* p

& J0 @5 [( @" x2 R, M8 t4 x8 E    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff3 W- b; y+ b, T7 B

/ y+ o) P& |7 v! V( j3 b13: pon0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000. h' _1 D5 c1 K8 G$ M* t% U" w. E
; A7 G# j+ J. ?  l! F% G% S0 P
    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff
6 \$ T8 u/ X1 U3 Y  I5 `
% A6 A2 s2 c9 X6 D, P" g7 P  {14: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10006 a4 M1 u7 L4 K1 q+ g. ^4 M
$ J  I+ _) v& B4 l% e6 X
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff
4 b7 K" g7 `5 L
& m0 M, \& x0 X; P7 G15: wlan0-vap0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
1 e( W) M5 N1 z+ O7 h5 o
3 g. m0 G9 R0 j8 L4 z9 `: l5 B    link/ether 82:b7:b3:43:14:e5 brd ff:ff:ff:ff:ff:ff- l3 R- G( u. B# Z9 [; F

# `" ?  f5 ^; ]. F, {6 i16: wlan0-vap1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
: G. P0 b$ w7 g) z1 _
( Q6 |/ j3 T7 j' m8 H% P+ G! m    link/ether 82:b7:b3:43:14:e6 brd ff:ff:ff:ff:ff:ff
: ^: `* d$ v! |. t  E6 m% }; _' B# h! O2 X1 j
17: wlan0-vap2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
& s& ]3 H- Y1 K5 b) \- i- {: a5 u8 O
    link/ether 82:b7:b3:43:14:e7 brd ff:ff:ff:ff:ff:ff
& b  p8 p' q- z8 r2 m- X  g  k& y$ x/ g! c0 q  ?( n
18: wlan0-vap3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10005 F4 V& ?; k) }! l

1 R, j+ r$ ]3 T    link/ether 82:b7:b3:43:14:e0 brd ff:ff:ff:ff:ff:ff
5 @/ b- N' `8 l. R1 S5 X3 E4 t4 c1 _# q9 x, U' ]
19: wlan0-vap4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
  ]1 N) e( e8 M% P6 [/ V3 t0 D
% @% u# v7 W- }" F& C0 f    link/ether 82:b7:b3:43:14:e1 brd ff:ff:ff:ff:ff:ff. H$ _+ V. Q  |/ _4 w
/ ~+ n9 P3 z# O7 ~! K/ {$ Q6 q
20: wlan0-vap5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000: `7 B  m5 i! ]5 I- p( b+ E3 E
0 T" B* x3 e+ {; d+ q: [
    link/ether 82:b7:b3:43:14:e2 brd ff:ff:ff:ff:ff:ff* q% B% T: H" i
. N% Q$ K3 Z9 P
21: wlan0-vap6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000+ h2 P/ T+ T& g6 `
) a% X7 N7 t1 D$ K6 m
    link/ether 82:b7:b3:43:14:e3 brd ff:ff:ff:ff:ff:ff0 K% q9 p/ {  X7 h$ H! n4 l

* Q6 p% {: J* L1 r$ m! l22: wlan1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
7 H! k" _6 R* p) E1 e* H0 W0 K( i  ?/ g3 n! N/ R
    link/ether 74:b7:b3:43:14:e5 brd ff:ff:ff:ff:ff:ff
; E* J# q% x4 h; A3 u
" k+ Z# x& e$ {! i' J+ c$ r. {' Z23: wlan1-vap0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10009 t0 J, a% t9 w) q4 V; t$ B. x' F( Y
& L; g3 v, G/ R8 ^' ^
    link/ether 8a:b7:b3:43:14:e6 brd ff:ff:ff:ff:ff:ff9 p. d3 O) s/ Y6 K. h

# a8 d1 s0 t% h( l( x24: wlan1-vap1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000* ?- r0 Q: A$ o# }4 j5 f% ^" u

& d, q) f1 l& t3 ?) J    link/ether 8a:b7:b3:43:14:e7 brd ff:ff:ff:ff:ff:ff
4 H8 r( G" l1 `& L( b  N: R& E5 z5 l  R1 a
25: wlan1-vap2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000# R. l! k' [2 i
3 O8 A- K9 Q. C) d( K. }) W) V4 H
    link/ether 8a:b7:b3:43:14:e0 brd ff:ff:ff:ff:ff:ff
" p+ _7 V5 v9 L! h
1 h+ n- Q0 ~" @4 H! C26: wlan1-vap3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000/ S1 _; J. v, j. T' d

3 J; v3 }& g, F& F# E    link/ether 8a:b7:b3:43:14:e1 brd ff:ff:ff:ff:ff:ff6 S9 X, F0 E# j
& K2 @% H# d, {+ q  q! `) b/ L) i
27: wlan1-vap4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10004 N; y/ ~6 f8 V6 j& h

6 U6 o- u5 c6 u! u3 N2 d    link/ether 8a:b7:b3:43:14:e2 brd ff:ff:ff:ff:ff:ff
) h& }- m- m1 j+ F7 N
$ [. ~; r# K2 T# B  `* }+ A: t% t28: wlan1-vap5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000( r3 \8 ]$ C& i, a- [4 |: M. ]

+ {/ [  S4 P) A7 a    link/ether 8a:b7:b3:43:14:e3 brd ff:ff:ff:ff:ff:ff+ k2 i6 ^3 h4 U5 W, N
+ P% c' @5 i; n+ V7 N
29: wlan1-vap6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
( r. _) ?6 {! b  G# s2 _2 q
7 m8 J- V: r! A2 D* q' a" G# h    link/ether 8a:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff4 ^* A9 ^, R5 W
: @& q# d4 \" Y0 B. y" I8 t# A$ _
30: pwlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
+ s+ k* T; H! Y, b* V% h# X' E* n5 g
    link/ether 00:e0:4c:81:96:96 brd ff:ff:ff:ff:ff:ff
3 V9 F- `9 A6 z) q% H9 l" V% @6 e5 y9 L" C# U- [3 f
31: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN
- T0 z9 g: f: [9 j1 y
' D) J# D9 c& g/ Y7 f    link/sit 0.0.0.0 brd 0.0.0.08 z4 L  v8 S$ r: q2 n
. h! i# g0 G" c
32: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN
. h8 Q0 p) m9 U0 K0 b# F4 f1 H& d  X, ^) K0 M- V
    link/tunnel6 :: brd ::* @5 X" P6 q" F# E

. Z3 H7 `: b8 s9 d. t4 [33: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP! W9 ?: t: U( o% |: o% J# W

3 w5 U  U- T+ y    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff# F2 Z, K4 D: K! J% \: v6 E0 K+ g

. i5 j: R1 O# |    inet 192.168.1.3/16 brd 192.168.255.255 scope global br0- v( Y& W% W! Q8 _- z
! K5 z. i: c: O3 m, s9 ^/ F. T) v# B
       valid_lft forever preferred_lft forever
# v6 y* a2 [7 @% P7 O
, _7 R; d. }' v  a( G) ]- r4 w    inet6 240e:3b2:2c12:6b40:76b7:b3ff:fe43:14e4/64 scope global
/ @1 T( s, Z9 N: m) _
6 N8 n) B& Z4 y, ], Y, w8 v       valid_lft forever preferred_lft forever* _4 m: f) v3 s) N9 W

) O! K' b! m9 e( t( b8 _7 W1 ^8 C5 J    inet6 fe80::1/64 scope link8 w3 C+ ~: [% P0 N

1 U5 j3 a' H1 [6 l       valid_lft forever preferred_lft forever
0 M- [3 c: ~* z: V9 [5 L( |. ^0 C! C5 A! o* F4 w
34: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc noqueue state UNKNOWN
6 U$ c8 y/ ]* W' i: E. v8 }4 s! |, `
    link/ppp
' R, f! \9 X6 G3 ]/ o! m
) I9 V& T; [4 G' ?. L6 ~    inet 183.15.*.* peer 183.15.*.*/32 scope global ppp0//公网,后几位隐
0 B$ j6 s# w8 N( ]3 G2 u+ T+ L) m3 k' h' U) Z
       valid_lft forever preferred_lft forever
& g5 Q0 b3 I9 m% ?
) g, r$ S3 r2 W7 |& a* K    inet6 240e:3b0:2c11:6451:*:*:*:*/64 scope global dynamic//公网,后几位隐
& ]+ y2 Y3 W2 D0 x5 y3 R3 ^' y4 h3 f3 D: n+ b- k
       valid_lft 2591961sec preferred_lft 604761sec
. [  z3 \8 S& l% U% X
* D! k9 h, a. }; I: u: V8 {% l    inet6 fe80::*:*:*:*/10 scope link//后几位隐. c  a& f4 D/ i# ?) P$ [& @
$ l5 o7 U) {, t4 V" f& b
       valid_lft forever preferred_lft forever6 S6 D6 N2 g5 g
( _3 [' A& u1 z, `2 u
35: ppp1: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 31 h+ G$ B) {- U0 P- }) w

1 @( \  W4 X! }# a) f5 n' |! P    link/ppp; U4 _1 N/ M; F/ f
9 t2 [$ `" ^' Z
36: ppp2: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
9 P# d; G0 p( e
  j+ U9 R: k$ G; ^/ p( ?    link/ppp
1 V' G+ _2 v0 a% ?5 X3 J$ H8 M
, y4 g6 X1 D7 P/ I4 X37: ppp3: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3- K/ `7 C) e0 z7 H
) `4 i3 m$ e+ O% j, Q
    link/ppp& ]2 G7 ?; n- R2 V5 Z  x9 g# X, u

' _2 v) `) @* B6 b38: ppp4: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
' i" A0 v, \  H; {- b3 ^. q1 y4 v3 u7 }( G
    link/ppp' m, |8 E  C. P( {3 G4 _

4 M6 A; t% @5 s" ^39: ppp5: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 36 j0 L( b( m0 q' @

( e5 Z3 s' ~3 w' e    link/ppp
# M. d* J3 e: Y& @+ E' E& s% B6 T# o! ^$ P0 q) n
40: ppp6: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3# q; J1 ~- q( C1 m

7 C5 W# f, l3 U5 u& `3 d: P    link/ppp
2 G/ B$ b0 ]9 n  \* U% B& W+ l# P: W+ q+ J" k
41: ppp7: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
- i1 N& v. x+ ^1 e; ~# F
+ u( Y! ^4 M, |+ J0 H( A, q1 N    link/ppp2 Y4 ^, X: s8 Y0 q" ^2 v

* ^+ Z$ `% U$ s1 Q4 s' H) s42: ppp8: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3; C" M; D5 y& N" ]
' j' d7 r, t2 `" A% ~! l
    link/ppp3 c9 j: q! f" K1 b3 Z8 r

- [, d3 S: D, _43: ppp9: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
6 L& D3 b$ h; b# g
+ V- V! V: ?' v  P    link/ppp. a5 R* w( N/ M2 A0 K0 m

" o( @6 ]* x+ H; P2 a44: ppp10: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
3 }+ z, {! z5 @. R; z$ r# _! e; u( B: q! _- b) a3 t
    link/ppp
/ L' J3 h0 D- [3 }; |3 g4 z) w; O+ e2 N0 k
45: ppp11: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
0 H6 x/ w' u' S5 t% C3 e& y: V3 w0 \- A" L; ^' _, r1 X# K
    link/ppp6 @8 Z3 C3 _( a1 U
4 ^2 U/ _5 k9 @/ V; u
46: ppp12: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 30 |. D/ {0 D2 ]/ l$ m5 ~) E  f
+ ^( i) o2 \7 Y6 x* h! k' f
    link/ppp, Z: n  U4 X3 H: Q

/ ?$ W8 N( p4 z$ b/ `; d47: nas0_0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc prio state UP qlen 10
6 m/ R+ J' `* X& b5 V
( ?* R( J6 A* c4 D1 h1 p0 ?    link/ether 74:b7:b3:43:14:e6 brd ff:ff:ff:ff:ff:ff
: _( p3 s. |: j8 f; X& J% M) h3 O/ D/ M8 _
    inet 11.54.8.28/21 brd 11.54.15.255 scope global nas0_0
* F/ n: r# b" }( H# |- O4 x
! P& a7 V8 {6 k. C. u- v) A8 }; z. b       valid_lft forever preferred_lft forever1 I' Q) |& T8 P# x) U6 v# l. d

2 [8 H4 G5 _: i7 u5 O! U4 s7 Z48: nas0_1: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 105 I7 u: n' F/ F7 X1 M5 ^' M. m, H& w: N
2 J. B" S6 l+ @- V4 S) s
    link/ether 74:b7:b3:43:14:e7 brd ff:ff:ff:ff:ff:ff
  Q! G8 N& f9 Y% T7 l# ^& H9 q6 |- f+ G. i; A: C1 w1 I
49: nas0_2: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 10
6 o: C% J2 }3 g- \* n. N; S4 M# `$ Z: L! C! ~
    link/ether 74:b7:b3:43:14:e8 brd ff:ff:ff:ff:ff:ff
& {! f7 J8 d% \, S8 P- j0 P" T) X, C& R* K4 `
50: lxcbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
7 H- z8 V0 S4 t  L, E5 C3 k; d+ E' T$ o/ ?5 s  `% q
    link/ether fe:84:ce:64:86:d8 brd ff:ff:ff:ff:ff:ff+ E5 M: p" v5 Y. y) [

" b/ d  G# D( X$ j! G+ N    inet 10.0.3.1/24 brd 10.0.3.255 scope global lxcbr0; U5 l$ F" ?6 h: @% v/ ?

0 O( G' s" D& H/ _" C# p       valid_lft forever preferred_lft forever* h8 E) _5 Y; s$ C0 X
2 K4 f' @; F* Z2 x7 e& s& S
52: vethUOWDKC: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lxcbr0 state UP qlen 10009 A+ R2 ?, G9 `' P
) I& s& d! v7 Z# O. W
    link/ether fe:84:ce:64:86:d8 brd ff:ff:ff:ff:ff:ff5 [' N0 {4 K: u: K% [# r

' u4 A  H& r) }7 O1 {4 C
回复

举报

gwaiter
 楼主| 发表于 2021-7-1 00:33:46 | 显示全部楼层
理论是研究完了,/ T! n/ q5 N- @
理论解决办法:就是要把公网接口ppp0和内网接口br0,桥接起来
2 ]+ n, ], e3 q, {7 \那如果做IPV6路由也行,但IPV6是动态的,牵涉太多,所以还是桥接方案简单,因为2个接口是固定不变的
1 U& A& b9 I% N! a8 S6 F$ y4 i再要研究一下桥接表。
回复

举报

13671758585
发表于 2023-8-19 00:19:14 | 显示全部楼层
IP6已经出来了吗
回复

举报

llluuuooozzz
发表于 2024-3-4 22:22:18 | 显示全部楼层
佩服楼主,我的PT928G也管不了ipv6防火墙,进Telnet查看ip6tables-save,发现有一条-A FORWARD -i ppp1 -j DROP,于是执行0 R& r9 S0 v7 K; f
ip6tables -D FWD_FIREWALL -i ppp1 -j DROP; B8 d% D& x0 u, ?
终于正常了
回复

举报

12
返回列表 发新帖
*滑块验证:
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|小黑屋|宽带技术网 |网站地图 粤公网安备44152102000001号

GMT+8, 2025-5-4 10:10 , Processed in 0.027623 second(s), 3 queries , Redis On.

Powered by Discuz! X3.5 Licensed

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表