One of these days I’ll write something positive here about some hardware… but I’ll have to wait until I have a positive experience with some hardware! 🙂 I tried once again to get a Netgear router I bought a couple of years ago into useful service, but had to back it out after a week.
I found some info on the ‘net about how to get a Netgear DG834 to just be a router rather than being a total PITA firewall. The link that got me going is here. I thought I had done this on my previous try with the router, but perhaps it needed the firmware upgrade I did this time out.
So with these firewall rules in place, I was up and away. There was a problem with connecting to MSN via the Jabber PyMSNt transport (yes, I MSN, but only because my family does, and I can’t get them off it because their friends MSN… see why Open Communication Day is bound to fail? But I digress.), but I had changed other things (like doing an emerge -uav world on the Jabber box that pulled in a glibc update, which I’ve found always results in a few days of fighting little problems). A week later I still couldn’t MSN, and after re-emerging everything I could think of on the Jabber box I thought “maybe it’s network-related”. Sure enough, exact same problem using Kopete to connect direct to MSN.
The Netgear DG834 is one of the many devices using an embedded Linux distribution (yay Netgear), and it provides a hacky way of getting a shell prompt. Getting this shell prompt and running a few iptables commands told me what the problem seemed to be — a rule to redirect all MSN and AIM/ICQ traffic to a local port on the router. The router comes with a bunch of Trend Micro security crap pre-installed, for which you have to subscribe to keep up-to-date (boo Netgear). It seems that without this security rubbish activated, there is no process active to be able to handle the redirected traffic.
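The check described above (a REDIRECT rule pointing at a local port that nothing is listening on) can be automated. This is an added example, not part of the original post: the rule text, the redirect port 8118 and the netstat output are constructed samples, and it assumes you have saved `iptables-save -t nat` and `netstat -ltn` output from the router's shell.

```python
# Constructed sample of `iptables-save -t nat` output (not taken from a real DG834).
# 1863 is the MSN port and 5190 the AIM/ICQ port; 8118 is a made-up proxy port.
SAMPLE_RULES = """\
*nat
-A PREROUTING -i br0 -p tcp -m tcp --dport 1863 -j REDIRECT --to-ports 8118
-A PREROUTING -i br0 -p tcp -m tcp --dport 5190 -j REDIRECT --to-ports 8118
-A PREROUTING -i br0 -p tcp -m tcp --dport 8000 -j REDIRECT --to-ports 8080
COMMIT
"""

# Constructed sample of `netstat -ltn` output from the same box.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
"""

def listening_ports(netstat_text):
    """Return the set of TCP ports that have a listening socket."""
    ports = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) >= 6 and f[0].startswith("tcp") and f[5] == "LISTEN":
            ports.add(int(f[3].rsplit(":", 1)[1]))
    return ports

def _opt(tokens, name):
    """Value following option `name` in a rule, or None if absent."""
    return tokens[tokens.index(name) + 1] if name in tokens else None

def dead_redirects(rules_text, netstat_text):
    """List (dport, target, rule) for TCP REDIRECT rules with no listener."""
    dead, open_ports = [], listening_ports(netstat_text)
    for line in rules_text.splitlines():
        tok = line.split()
        if _opt(tok, "-j") != "REDIRECT" or _opt(tok, "-p") != "tcp":
            continue
        dport = _opt(tok, "--dport")
        # Without --to-ports, REDIRECT keeps the original destination port.
        target = _opt(tok, "--to-ports") or dport
        if target is None:
            continue
        lo, _, hi = target.replace(":", "-").partition("-")
        if not any(p in open_ports for p in range(int(lo), int(hi or lo) + 1)):
            dead.append((dport, target, line))
    return dead

if __name__ == "__main__":
    for dport, target, rule in dead_redirects(SAMPLE_RULES, SAMPLE_NETSTAT):
        print(f"dport {dport} -> local port {target}: nothing listening\n  {rule}")
```

Any rule it reports silently drops the matching traffic until either a listener is started on the target port or the rule is removed.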
I think it’s a bug that they give you an option to disable their security rubbish, but leave firewall rules in place that result in traffic being killed if the stuff isn’t running. I could have worked around it though: using the shell I could have just deleted the rule. Then I’d have a problem of having to do that every time the router decided to update the rules. Could I hack the firmware and remove the rules from the image? Possible, but the stuff is probably signed and a hacked one might not run. Maybe one of the free/open replacement router firmwares will run on the DG834? Haven’t looked at that. Of course, given that I think it’s a bug, I could also file a support request with Netgear…
I had originally titled this “Netgear: strike three, you’re out”, but given that I have a few options available I can give the thing one more chance. But it’ll be another day; I’ve stuffed around with the thing too long this time out. There is a bit to like about the Netgear, so I admit to being tempted to persist with it; the built-in switch lets me think about upgrading the Linksys WRT (running OpenWRT) that I have as DMZ router and wireless access point to something that is 802.11n but won’t be able to do the DMZ routing.
For now though it’s back to the trusty old Alcatel Speedtouch, which I’ve had since my first ever ADSL service.