0

I have a problem with a AC68U router. For some reason it only authenticate clients for the first minute, then drop them all if there are any attempts.

Example:

  1. Router boots
  2. If clients attempt to connect within first minute after reboot, they are successful (WiFI and ethernet)
  3. If client reconnects by any reason, it will be dropped. The router will be dropping all attempts, even if using ethernet.

I tried:

  1. disabling a lot of things but no luck (DHCP, AI protection, wireless settings and also changed some)
  2. Factory reset.
  3. Firmware is already up to date but I re-uploaded it with no luck.
  4. Confirmed there aren't MAC filters.

The strange thing is that if I keep the connection it won't disconnect or drop the connection (WiFi nor wired), but I can only connect all the devices within the first minute (or seconds) after reboot.

I bought this router 2 years ago so it would be a terrible loss if it's damaged

Router log when drops clients:

Oct  6 19:37:50 syslog: wlceventd_proc_event(491): eth1: Deauth_ind xx:xx:xx:xx:xx:xx, status: 0, reason: Deauthenticated because sending station is leaving (or has left) IBSS or ESS (3), rssi:-47
Oct  6 19:37:50 syslog: wlceventd_proc_event(527): eth1: Auth xx:xx:xx:xx:xx:xx, status: Successful (0), rssi:0
Oct  6 19:37:50 syslog: wlceventd_proc_event(556): eth1: Assoc xx:xx:xx:xx:xx:xx, status: Successful (0), rssi:0
Oct  6 19:37:58 syslog: wlceventd_proc_event(491): eth1: Deauth_ind xx:xx:xx:xx:xx:xx, status: 0, reason: Deauthenticated because sending station is leaving (or has left) IBSS or ESS (3), rssi:-47
Oct  6 19:38:01 syslog: wlceventd_proc_event(527): eth1: Auth xx:xx:xx:xx:xx:xx, status: Successful (0), rssi:0
Oct  6 19:38:01 syslog: wlceventd_proc_event(556): eth1: Assoc xx:xx:xx:xx:xx:xx, status: Successful (0), rssi:0

Boot log and successful pairing.

May  5 00:05:03 kernel: klogd started: BusyBox v1.25.1 (2021-05-08 04:16:59 CST)
May  5 00:05:03 kernel: Linux version 2.6.36.4brcmarm (root@asus) (gcc version 4.5.3 (Buildroot 2012.02) ) #1 SMP PREEMPT Sat May 8 04:23:42 CST 2021
May  5 00:05:03 kernel: CPU: ARMv7 Processor [413fc090] revision 0 (ARMv7), cr=10c53c7f
May  5 00:05:03 kernel: CPU: VIPT nonaliasing data cache, VIPT nonaliasing instruction cache
May  5 00:05:03 kernel: Machine: Northstar Prototype
May  5 00:05:03 kernel: Ignoring unrecognised tag 0x00000000
May  5 00:05:03 kernel: Memory policy: ECC disabled, Data cache writealloc
May  5 00:05:03 kernel: Built 1 zonelists in Zone order, mobility grouping on.  Total pages: 60416
May  5 00:05:03 kernel: Kernel command line: root=/dev/mtdblock2 console=ttyS0,115200 init=/sbin/preinit earlyprintk debug
May  5 00:05:03 kernel: Memory: 255496k/255496k available, 6648k reserved, 0K highmem
May  5 00:05:03 kernel: Virtual kernel memory layout:
May  5 00:05:03 kernel:     vector  : 0xffff0000 - 0xffff1000   (   4 kB)
May  5 00:05:03 kernel:     fixmap  : 0xfff00000 - 0xfffe0000   ( 896 kB)
May  5 00:05:03 kernel:     DMA     : 0xf7e00000 - 0xffe00000   ( 128 MB)
May  5 00:05:03 kernel:     vmalloc : 0xd0800000 - 0xf0000000   ( 504 MB)
May  5 00:05:03 kernel:     lowmem  : 0xc0000000 - 0xd0000000   ( 256 MB)
May  5 00:05:03 kernel:     modules : 0xbf000000 - 0xc0000000   (  16 MB)
May  5 00:05:03 kernel:       .init : 0xc0008000 - 0xc003d000   ( 212 kB)
May  5 00:05:03 kernel:       .text : 0xc003d000 - 0xc03a8000   (3500 kB)
May  5 00:05:03 kernel:       .data : 0xc03c0000 - 0xc03e3180   ( 141 kB)
May  5 00:05:03 kernel: External imprecise Data abort at addr=0x0, fsr=0x1c06 ignored.
May  5 00:05:03 kernel: Mount-cache hash table entries: 512
May  5 00:05:03 kernel: CPU1: Booted secondary processor
May  5 00:05:03 kernel: Found a AMD NAND flash:
May  5 00:05:03 kernel: Total size:  128MB
May  5 00:05:03 kernel: Block size:  128KB
May  5 00:05:03 kernel: Page Size:   2048B
May  5 00:05:03 kernel: OOB Size:    64B
May  5 00:05:03 kernel: Sector size: 512B
May  5 00:05:03 kernel: Spare size:  16B
May  5 00:05:03 kernel: ECC level:   8 (8-bit)
May  5 00:05:03 kernel: Device ID: 0x 1 0xf1 0x 0 0x1d 0x 1 0xf1
May  5 00:05:03 kernel: bio: create slab <bio-0> at 0
May  5 00:05:03 kernel: PCI: no core
May  5 00:05:03 kernel: PCI: no core
May  5 00:05:03 kernel: PCI: Fixing up bus 0
May  5 00:05:03 kernel: PCI: Fixing up bus 0
May  5 00:05:03 kernel: PCI: Fixing up bus 1
May  5 00:05:03 kernel: PCI: Fixing up bus 0
May  5 00:05:03 kernel: PCI: Fixing up bus 2
May  5 00:05:03 kernel: VFS: Disk quotas dquot_6.5.2
May  5 00:05:03 kernel: Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
May  5 00:05:03 kernel: pflash: found no supported devices
May  5 00:05:03 kernel: bcmsflash: found no supported devices
May  5 00:05:03 kernel: Boot partition size = 524288(0x80000)
May  5 00:05:03 kernel: lookup_nflash_rootfs_offset: offset = 0x200000
May  5 00:05:03 kernel: nflash: squash filesystem with lzma found at block 28
May  5 00:05:03 kernel: Creating 4 MTD partitions on "nflash":
May  5 00:05:03 kernel: 0x000000000000-0x000000080000 : "boot"
May  5 00:05:03 kernel: 0x000000080000-0x000000200000 : "nvram"
May  5 00:05:03 kernel: 0x000000200000-0x000004000000 : "linux"
May  5 00:05:03 kernel: 0x00000039c62c-0x000004000000 : "rootfs"
May  5 00:05:03 kernel: et0: et_mvlan_netdev_event: event 16 for vlan1 mvlan_en 0
May  5 00:05:03 kernel: et0: et_mvlan_netdev_event: event 5 for vlan1 mvlan_en 0
May  5 00:05:03 kernel: et0: et_mvlan_netdev_event: event 16 for vlan2 mvlan_en 0
May  5 00:05:03 kernel: et0: et_mvlan_netdev_event: event 5 for vlan2 mvlan_en 0
May  5 00:05:03 kernel: et0: et_mvlan_netdev_event: event 13 for vlan1 mvlan_en 0
May  5 00:05:03 kernel: et0: et_mvlan_netdev_event: event 1 for vlan1 mvlan_en 0
May  5 00:05:04 kernel: et0: et_mvlan_netdev_event: event 16 for eth0.501 mvlan_en 0
May  5 00:05:04 kernel: et0: et_mvlan_netdev_event: event 5 for eth0.501 mvlan_en 0
May  5 00:05:04 kernel: et0: et_mvlan_netdev_event: event 13 for eth0.501 mvlan_en 0
May  5 00:05:04 kernel: et0: et_mvlan_netdev_event: event 1 for eth0.501 mvlan_en 0
May  5 00:05:04 kernel: et0: et_mvlan_netdev_event: event 16 for eth0.502 mvlan_en 0
May  5 00:05:04 kernel: et0: et_mvlan_netdev_event: event 5 for eth0.502 mvlan_en 0
May  5 00:05:04 kernel: et0: et_mvlan_netdev_event: event 13 for eth0.502 mvlan_en 0
May  5 00:05:04 kernel: et0: et_mvlan_netdev_event: event 1 for eth0.502 mvlan_en 0
May  5 00:05:05 kernel: et0: et_mvlan_netdev_event: event 4 for eth0.501 mvlan_en 0
May  5 00:05:05 kernel: et0: et_mvlan_netdev_event: event 4 for eth0.502 mvlan_en 0
May  5 00:05:05 lldpd[266]: cannot get ethtool link information with GLINKSETTINGS (requires 4.9+): Operation not permitted
May  5 00:05:05 lldpd[266]: cannot get ethtool link information with GSET (requires 2.6.19+): Operation not permitted
May  5 00:05:08 syslog: main(961): wlceventd Start...
May  5 00:05:09 WAN Connection: Fail to connect with some issues.
May  5 00:05:11 acsd: COEX: downgraded chanspec 0x1909 to 0x100b: channel 4 used by exiting BSSs 
May  5 00:05:11 acsd: selected channel spec: 0x100b (11)
May  5 00:05:11 acsd: Adjusted channel spec: 0x100b (11)
May  5 00:05:11 acsd: selected DFS-exit channel spec: 0x100b (11)
May  5 00:05:11 acsd: COEX: downgraded chanspec 0x1909 to 0x100b: channel 4 used by exiting BSSs 
May  5 00:05:11 acsd: selected channel spec: 0x100b (11)
May  5 00:05:11 acsd: Adjusted channel spec: 0x100b (11)
May  5 00:05:11 acsd: selected channel spec: 0x100b (11)
May  5 00:05:11 acsd: acs_set_chspec: 0x100b (11) for reason APCS_INIT
May  5 00:05:13 acsd: selected channel spec: 0xe39b (161/80)
May  5 00:05:13 acsd: Adjusted channel spec: 0xe39b (161/80)
May  5 00:05:13 acsd: selected DFS-exit channel spec: 0xe39b (161/80)
May  5 00:05:13 acsd: selected channel spec: 0xe39b (161/80)
May  5 00:05:13 acsd: Adjusted channel spec: 0xe39b (161/80)
May  5 00:05:13 acsd: selected channel spec: 0xe39b (161/80)
May  5 00:05:13 acsd: acs_set_chspec: 0xe39b (161/80) for reason APCS_INIT
May  5 00:05:13 RT-AC68U: start httpd:80
May  5 00:05:14 avahi-daemon[357]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
May  5 00:05:14 jffs2: valid logs(1)
May  5 00:05:14 httpd: Save SSL certificate...80
May  5 00:05:15 disk monitor: be idle
May  5 00:05:15 hour monitor: daemon is starting
May  5 00:05:15 hour monitor: daemon terminates
May  5 00:05:15 ERP: The model isn't under EU SKU!
May  5 00:05:15 avahi-daemon[357]: Alias name "RT-AC68U" successfully established.
May  5 00:05:15 httpd: mssl_cert_key_match : PASS
May  5 00:05:16 reboot scheduler: [timecheck] NTP sync error
May  5 00:05:16 Mastiff: init
May  5 00:05:16 httpd: Succeed to init SSL certificate...80
May  5 00:05:17 syslog: module ax88179_178a not found in modules.dep
May  5 00:05:18 pppd[484]: pppd 2.4.7 started by thirdworldarmies, uid 0
May  5 00:05:18 pppd[484]: Connected to X via interface eth0
May  5 00:05:18 pppd[484]: Connect: ppp0 <--> eth0
May  5 00:05:18 pppd[484]: CHAP authentication succeeded
May  5 00:05:18 pppd[484]: peer from calling number X authorized
May  5 00:05:18 kernel: xhci_hcd 0000:00:0c.0: Failed to enable MSI-X
May  5 00:05:18 kernel: xhci_hcd 0000:00:0c.0: failed to allocate MSI entry
May  5 00:05:18 kernel: usb usb1: No SuperSpeed endpoint companion for config 1  interface 0 altsetting 0 ep 129: using minimum values
May  5 00:05:18 pppd[484]: local  IP address x
May  5 00:05:18 pppd[484]: remote IP address x
May  5 00:05:18 pppd[484]: primary   DNS address x
May  5 00:05:18 pppd[484]: secondary DNS address x
May  5 00:05:18 syslog: module ledtrig-usbdev not found in modules.dep
May  5 00:05:18 syslog: module leds-usb not found in modules.dep
May  5 00:05:19 kernel: SCSI subsystem initialized
May  5 00:05:19 kernel: nf_conntrack_rtsp v0.6.21 loading
May  5 00:05:19 kernel: nf_nat_rtsp v0.6.21 loading
May  5 00:05:20 wan: finish adding multi routes
May  5 00:05:21 dhcp client: bound 192.168.0.3/255.255.255.0 via 192.168.0.1 for 86400 seconds.
May  5 00:05:21 syslog: fwver: 3.0.0.4_386_43129-g60defb2 (sn: /ha:X )
May  5 00:05:21 ahs: [read_json]Update ahs JSON file.
May  5 00:05:22 syslog:  event: wl_chanspec_changed_action
May  5 00:05:22 syslog: skip event due no re
May  5 00:05:24 WAN Connection: WAN was restored.
May  5 00:05:25 roamast: ROAMING Start...
May  5 00:05:27 ntp: start NTP update
Oct  6 19:29:21 rc_service: ntp 640:notify_rc restart_diskmon
Oct  6 19:29:22 disk_monitor: Finish
Oct  6 19:29:23 disk monitor: be idle
Oct  6 19:29:37 syslog: wlceventd_proc_event(527): eth1: Auth X, status: Successful (0), rssi:0
Oct  6 19:29:37 syslog: wlceventd_proc_event(556): eth1: Assoc X, status: Successful (0), rssi:0
Oct  6 19:29:54 crond[332]: time disparity of 1801164 minutes detected

Log when trying to connect using ethernet (DHCP enabled on client. If I set a manual IP it just says "Destination Host Unreachable"):

Oct  6 20:22:03 user avahi-daemon[1064]: New relevant interface enp4s0.IPv4 for mDNS.
Oct  6 20:22:03 user avahi-daemon[1064]: Registering new address record for 192.168.1.122 on enp4s0.IPv4.
Oct  6 20:22:03 user avahi-daemon[1064]: Joining mDNS multicast group on interface enp4s0.IPv6 with address X.
Oct  6 20:22:03 user avahi-daemon[1064]: New relevant interface enp4s0.IPv6 for mDNS.
Oct  6 20:22:03 user avahi-daemon[1064]: Registering new address record for X on enp4s0.*.
Oct  6 20:22:05 user dbus-daemon[1068]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.21' (uid=0 pid=1452 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
Oct  6 20:22:05 user systemd[1]: Starting Network Manager Script Dispatcher Service...
Oct  6 20:22:05 user dbus-daemon[1068]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Oct  6 20:22:05 user systemd[1]: Started Network Manager Script Dispatcher Service.
Oct  6 20:22:15 user systemd[1]: NetworkManager-dispatcher.service: Succeeded.
Oct  6 20:22:48 user NetworkManager[1452]: <warn>  [1633569768.5774] dhcp4 (enp4s0): request timed out
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.5774] dhcp4 (enp4s0): state changed unknown -> timeout
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.5774] device (enp4s0): state change: ip-config -> failed (reason 'ip-config-unavailable', sys-iface-state: 'managed')
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.5778] manager: NetworkManager state is now DISCONNECTED
Oct  6 20:22:48 user NetworkManager[1452]: <warn>  [1633569768.5786] device (enp4s0): Activation: failed for connection 'Wired connection 1'
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.5790] device (enp4s0): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')
Oct  6 20:22:48 user avahi-daemon[1064]: Withdrawing address record for X on enp4s0.
Oct  6 20:22:48 user avahi-daemon[1064]: Leaving mDNS multicast group on interface enp4s0.IPv6 with address X.
Oct  6 20:22:48 user avahi-daemon[1064]: Interface enp4s0.IPv6 no longer relevant for mDNS.
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.6152] dhcp4 (enp4s0): canceled DHCP transaction
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.6152] dhcp4 (enp4s0): state changed timeout -> done
Oct  6 20:22:48 user avahi-daemon[1064]: Withdrawing address record for 192.168.1.122 on enp4s0.
Oct  6 20:22:48 user avahi-daemon[1064]: Leaving mDNS multicast group on interface enp4s0.IPv4 with address 192.168.1.122.
Oct  6 20:22:48 user avahi-daemon[1064]: Interface enp4s0.IPv4 no longer relevant for mDNS.
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.6228] policy: auto-activating connection 'Wired connection 1' (6e176a17-2e93-3aba-97f3-1c2100cbb44f)
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.6252] device (enp4s0): Activation: starting connection 'Wired connection 1' (6e176a17-2e93-3aba-97f3-1c2100cbb44f)
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.6255] device (enp4s0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
Oct  6 20:22:48 user dbus-daemon[1068]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.21' (uid=0 pid=1452 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.6268] manager: NetworkManager state is now CONNECTING
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.6273] device (enp4s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.6291] device (enp4s0): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed')
Oct  6 20:22:48 user systemd[1]: Starting Network Manager Script Dispatcher Service...
Oct  6 20:22:48 user NetworkManager[1452]: <info>  [1633569768.6309] dhcp4 (enp4s0): activation: beginning transaction (timeout in 45 seconds)
Oct  6 20:22:48 user avahi-daemon[1064]: Joining mDNS multicast group on interface enp4s0.IPv4 with address 192.168.1.122.
Oct  6 20:22:48 user avahi-daemon[1064]: New relevant interface enp4s0.IPv4 for mDNS.
Oct  6 20:22:48 user avahi-daemon[1064]: Registering new address record for 192.168.1.122 on enp4s0.IPv4.
Oct  6 20:22:48 user avahi-daemon[1064]: Joining mDNS multicast group on interface enp4s0.IPv6 with address X.
Oct  6 20:22:48 user avahi-daemon[1064]: New relevant interface enp4s0.IPv6 for mDNS.
Oct  6 20:22:48 user avahi-daemon[1064]: Registering new address record for X on enp4s0.*.
Oct  6 20:22:48 user dbus-daemon[1068]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Oct  6 20:22:48 user systemd[1]: Started Network Manager Script Dispatcher Service.
Oct  6 20:23:00 user systemd[1]: NetworkManager-dispatcher.service: Succeeded.

Router IP Tables (I didn't set anything related to the IPs or the strings. This is after a reset today)

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N ACCESS_RESTRICTION
-N FUPNP
-N INPUT_ICMP
-N INPUT_PING
-N OUTPUT_DNS
-N OUTPUT_IP
-N PControls
-N PTCSRVLAN
-N PTCSRVWAN
-N SECURITY
-N default_block
-N logaccept
-N logdrop
-N logdrop_dns
-N logdrop_ip
-A INPUT -p icmp -m icmp --icmp-type 8 -j INPUT_PING
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT -p tcp -m multiport --dports 80,1025 -j ACCESS_RESTRICTION
-A INPUT ! -i br0 -j PTCSRVWAN
-A INPUT -i br0 -j PTCSRVLAN
-A INPUT -i br0 -m state --state NEW -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -p icmp -j INPUT_ICMP
-A INPUT -i br1 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i br1 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i br1 -p udp -m udp --dport 68 -j ACCEPT
-A INPUT -i br1 -j DROP
-A INPUT -i br2 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i br2 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i br2 -p udp -m udp --dport 68 -j ACCEPT
-A INPUT -i br2 -j DROP
-A INPUT -j DROP
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br1 -o ppp0 -j ACCEPT
-A FORWARD -i br2 -o ppp0 -j ACCEPT
-A FORWARD ! -i br0 -o ppp0 -j DROP
-A FORWARD ! -i br0 -o eth0 -j DROP
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -m state --state INVALID -j DROP
-A FORWARD -i br0 -j ACCEPT
-A FORWARD -m conntrack --ctstate DNAT -j ACCEPT
-A FORWARD -j DROP
-A OUTPUT -p udp -m udp --dport 53 -m u32 --u32 "0x0>>0x16&0x3c@0x8>>0xf&0x1=0x0" -j OUTPUT_DNS
-A OUTPUT -p tcp -m tcp --dport 53 -m u32 --u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x8>>0xf&0x1=0x0" -j OUTPUT_DNS
-A OUTPUT -j OUTPUT_IP
-A ACCESS_RESTRICTION -s 192.168.1.122/32 -p tcp -m multiport --dports 80 -j ACCEPT
-A ACCESS_RESTRICTION -s 192.168.1.122/32 -p tcp -m tcp --dport 1025 -j RETURN
-A ACCESS_RESTRICTION -j DROP
-A INPUT_ICMP -p icmp -m icmp --icmp-type 8 -j RETURN
-A INPUT_ICMP -p icmp -m icmp --icmp-type 13 -j RETURN
-A INPUT_ICMP -p icmp -j ACCEPT
-A INPUT_PING -i ppp0 -p icmp -j DROP
-A INPUT_PING -i eth0 -p icmp -j DROP
-A OUTPUT_DNS -m string --hex-string "|10706f697579747975696f706b6a666e6603636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|0d72666a656a6e666a6e65666a6503636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|1131306166646d617361787373736171726b03636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|0f376d667364666173646d6b676d726b03636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|0d386d617361787373736171726b03636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|0f3966646d617361787373736171726b03636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|1265666274686d6f6975796b6d6b6a6b6a677403636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|086861636b7563647403636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|076c696e77756469056633333232036e657400|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|0f6c6b6a68676664736174727975696f03636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|0b6d6e627663787a7a7a313203636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|077131313133333303746f7000|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|057371353230056633333232036e657400|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|077563746b6f6e6503636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|0e7a786376626d6e6e666a6a66777103636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_DNS -m string --hex-string "|0a65756d6d6167766e627003636f6d00|" --algo bm --to 65535 --icase -j logdrop_dns
-A OUTPUT_IP -d 193.201.224.0/24 -j logdrop_ip
-A OUTPUT_IP -d 51.15.120.245/32 -j logdrop_ip
-A OUTPUT_IP -d 45.33.73.134/32 -j logdrop_ip
-A OUTPUT_IP -d 190.115.18.28/32 -j logdrop_ip
-A OUTPUT_IP -d 51.159.52.250/32 -j logdrop_ip
-A OUTPUT_IP -d 190.115.18.86/32 -j logdrop_ip
-A PControls -j DROP
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j RETURN
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j RETURN
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -j DROP
-A SECURITY -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j RETURN
-A SECURITY -p icmp -m icmp --icmp-type 8 -j DROP
-A SECURITY -j RETURN
-A logaccept -m state --state NEW -j LOG --log-prefix "ACCEPT " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logaccept -j ACCEPT
-A logdrop -m state --state NEW -j LOG --log-prefix "DROP " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logdrop -j DROP
-A logdrop_dns -j LOG --log-prefix "DROP_DNS " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logdrop_dns -j DROP
-A logdrop_ip -j LOG --log-prefix "DROP_IP " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logdrop_ip -j DROP

EDIT:

I forgot to clarify that this is an TM AC1900 with an AC68U firmware.

Also I was able to get everything back to normal by using a very old firmware. It's odd because there weren't recent upgrades before it stopped working.

Now everything works! Now I'm only afraid it's an old firmware but at least it works. The only difference I notice is that sometimes the WiFI shows me that notification that the network "Requires authorization".

Hennes
  • 64,768
  • 7
  • 111
  • 168
Motheus
  • 101
  • 2
  • The Factory Reset is concerning because that deletes all profiles and settings. So it does appear to be a hardware issue. – John Oct 07 '21 at 01:48
  • Damn that would be terrible bc I don't have money for another router. I added the router's IP tables in case you want to check. – Motheus Oct 07 '21 at 01:56
  • I glanced through the output but did not see anything related to it dropping out. ... Take a look on eBay and see if you can get a reputable low priced replacement. – John Oct 07 '21 at 02:06
  • I got it working again by using an old firmware. Question updated. – Motheus Oct 07 '21 at 21:07
  • Just for completeness: were you running the RT-AC68U firmware on a TM-AC1900 when you had problems and are you now back on the original AC-1900 firmware again? – StarCat Oct 08 '21 at 06:02

0 Answers0