I am having a problem with my TiVo being able to connect to the TiVo servers. Everything works fine when I use Toastman's build tomato-K26USB-1.28.7821MIPSR1-ND-Ext.trx, but when I try to use the latest Shibby build tomato-K26-1.28.RT-MIPSR1-101-Max.trx, my TiVo is unable to connect. I probably have something configured incorrectly with the Shibby build, but I have not been able to figure it out.
In order to get the TiVo to work with the Toastman build, I had to set NAT loopback to "Forwarded Only" or "Disabled". I have this set on the Shibby build, but the TiVo still cannot connect to its servers. I am guessing that this is a firewall issue, so I am listing the iptables dump from the working Toastman configuration as well as the failing Shibby configuration.
Any help would be greatly appreciated!
Steve
Toastman iptables dump:
Chain INPUT (policy DROP 2 packets, 56 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all — br0 * 0.0.0.0/0 74.69.168.222
0 0 DROP all — * * 0.0.0.0/0 0.0.0.0/0 state INVALID
53 6491 ACCEPT all — * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
42 3426 ACCEPT all — br0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all — lo * 0.0.0.0/0 0.0.0.0/0
3 973 ACCEPT udp — * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all — br0 br0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all — * * 0.0.0.0/0 0.0.0.0/0 state INVALID
37 2268 TCPMSS tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
433 223K ACCEPT all — * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 wanin all — vlan1 * 0.0.0.0/0 0.0.0.0/0
30 2222 wanout all — * vlan1 0.0.0.0/0 0.0.0.0/0
30 2222 ACCEPT all — br0 * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 83 packets, 71799 bytes)
pkts bytes target prot opt in out source destination
Chain wanin (1 references)
pkts bytes target prot opt in out source destination
Chain wanout (1 references)
pkts bytes target prot opt in out source destination
Chain PREROUTING (policy ACCEPT 84 packets, 15225 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all — vlan1 * 0.0.0.0/0 10.0.0.0/24
0 0 WANPREROUTING all — * * 0.0.0.0/0 74.69.168.222
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
28 1723 MASQUERADE all — * vlan1 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 6 packets, 349 bytes)
pkts bytes target prot opt in out source destination
Chain WANPREROUTING (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT icmp — * * 0.0.0.0/0 0.0.0.0/0 to:10.0.0.1
Chain PREROUTING (policy ACCEPT 610 packets, 249K bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 100 packets, 10946 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 463 packets, 226K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 83 packets, 71799 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 546 packets, 297K bytes)
pkts bytes target prot opt in out source destination
Shibby iptables dump
Chain INPUT (policy DROP 32 packets, 1289 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all — br0 * 0.0.0.0/0 74.69.168.222
15 936 DROP all — * * 0.0.0.0/0 0.0.0.0/0 state INVALID
759 116K ACCEPT all — * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 shlimit tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW
0 0 ACCEPT all — lo * 0.0.0.0/0 0.0.0.0/0
754 55486 ACCEPT all — br0 * 0.0.0.0/0 0.0.0.0/0
46 15764 ACCEPT udp — * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
5516 2405K all — * * 0.0.0.0/0 0.0.0.0/0 account: network/netmask: 10.0.0.0/255.255.255.0 name: lan
0 0 ACCEPT all — br0 br0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all — * * 0.0.0.0/0 0.0.0.0/0 state INVALID
696 37604 TCPMSS tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
5122 2379K ACCEPT all — * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 wanin all — vlan1 * 0.0.0.0/0 0.0.0.0/0
394 26314 wanout all — * vlan1 0.0.0.0/0 0.0.0.0/0
394 26314 ACCEPT all — br0 * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 1240 packets, 426K bytes)
pkts bytes target prot opt in out source destination
Chain shlimit (1 references)
pkts bytes target prot opt in out source destination
0 0 all — * * 0.0.0.0/0 0.0.0.0/0 recent: SET name: shlimit side: source
0 0 DROP all — * * 0.0.0.0/0 0.0.0.0/0 recent: UPDATE seconds: 60 hit_count: 4 name: shlimit side: source
Chain wanin (1 references)
pkts bytes target prot opt in out source destination
Chain wanout (1 references)
pkts bytes target prot opt in out source destination
Chain PREROUTING (policy ACCEPT 1166 packets, 112K bytes)
pkts bytes target prot opt in out source destination
17 869 WANPREROUTING all — * * 0.0.0.0/0 74.69.168.222
0 0 DROP all — vlan1 * 0.0.0.0/0 10.0.0.0/24
Chain POSTROUTING (policy ACCEPT 2 packets, 695 bytes)
pkts bytes target prot opt in out source destination
637 39494 MASQUERADE all — * vlan1 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 305 packets, 20235 bytes)
pkts bytes target prot opt in out source destination
Chain WANPREROUTING (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT icmp — * * 0.0.0.0/0 0.0.0.0/0 to:10.0.0.1
Chain PREROUTING (policy ACCEPT 7506 packets, 2654K bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 1606 packets, 189K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 5516 packets, 2405K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1240 packets, 426K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 6757 packets, 2832K bytes)
pkts bytes target prot opt in out source destination
