First of all, apologies if this is a double post. I seem to have some trouble posting to the list.
The good news is I think I have succeeded in successfully compiling fwknopd for dd-wrt using optware. The program compiled without errors and runs on my router. The bad news is that it doesn't seem to create the iptables rules needed.
If I start fwknopd and send a SPA packet from my android phone to my router, fwknopd responds with:
Using Digest Cache: '/var/run/fwknop/digest.cache' (entry count = 0)
Added jump rule from chain: INPUT to chain: FWKNOP_INPUT
PCAP filter is: udp port 62201
Starting fwknopd main event loop.
SPA Packet from IP: <my phone ip> received.
SPA Packet: '+0e+uMnhekbCqfB1tHSenxfiiCrtkaxSJJzBNA5FfYiX1pmMC1cO5MhxmorkfGS2+z723Jd2Aj/4Y4oPNn1MmXQ9gc8yAziJGe0Rkiqt9GCwmXGzWzDVFiWPXg9zLDA9Az/xW2SIaEGudbGEn3hXqnb1O0HEJy74TlOvgjP8obBNlSMyucX4aw'
Added Rule to FWKNOP_INPUT for <my phone ip>, tcp/8822 expires at 1319299103
However I cannot reach ssh on my router. If I run (from a different ssh session) iptables -L I can see some entries relating to fwknopd. I get
And the output continues but with no references to either my phone ip address or port 8822.
Then after a while fwknop tells me:
Did not find expire comment in rules list 0.
I'm stuck. As far as I can tell fwknopd runs without errors and can access iptables because I can see entries relating to fwknop in my iptables. These entries disappear (as they should) when I close fwknopd and reappear when I start fwknopd again. However, no iptables rules are created.
Does anyone have a suggestion to solve this problem? Am I configuring fwknopd.conf or access.conf wrong? The output of fwknopd -D is attached below