Portál AbcLinuxu, 8. května 2025 18:37

Dotaz: iptables v openwrt na ASUSu

26.8.2008 23:55 jpaseka
iptables v openwrt na ASUSu
Přečteno: 350×
Odpovědět | Admin
Dobry den,

mam OpenWrt White Russian - With X-Wrt Extensions 0.9 Linux 2.4.30 #1 Fri Nov 24 23:16:54 EST 2006 ASUS WL-500g Premium Broadcom BCM947XX

potreboval jsem presmerovat z ASUSu na lokalni pocitac

do /etc/firewall.user

jsem pridal dle vzoru naledujici radky (jinak jsem ho od instalace nemenil) a restartoval.

iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 5445 -j DNAT --to 192.168.1.182:5445

iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 10001 -j DNAT --to 192.168.1.246:80

iptables -A forwarding_rule -i $WAN -p tcp --dport 5445 -d 192.168.1.182 -j ACCEPT

iptables -A forwarding_rule -i $WAN -p tcp --dport 10001 -d 192.168.1.246 -j ACCEPT

Ani v jednom pripade jsem se nedostal na prislusny lokalni pocitac.

Delam neco spatne nebo bude zavada nekde ve vlastnim nastaveni ASUSu.

Dekuji za jakoukoliv reakci ci hint.

jpaseka

P.S. Dam-li iptables -L, obdrzim Chain INPUT (policy DROP)

target prot opt source destination

DROP all -- anywhere anywhere state INVALID

ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

DROP tcp -- anywhere anywhere tcp option=!2 flags:SYN/SYN

input_rule all -- anywhere anywhere

LAN_ACCEPT all -- anywhere anywhere

ACCEPT icmp -- anywhere anywhere

ACCEPT gre -- anywhere anywhere

REJECT tcp -- anywhere anywhere reject-with tcp-reset

REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

ACCEPT tcp -- anywhere anywhere tcp dpt:22 flags:FIN,SYN,RST,ACK/SYN

Chain FORWARD (policy DROP)

target prot opt source destination

DROP all -- anywhere anywhere state INVALID

TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU

ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

forwarding_rule all -- anywhere anywhere

ACCEPT all -- anywhere anywhere

ACCEPT all -- anywhere anywhere

MINIUPNPD all -- anywhere anywhere

Chain LAN_ACCEPT (1 references)

target prot opt source destination

RETURN all -- anywhere anywhere

RETURN all -- anywhere anywhere

ACCEPT all -- anywhere anywhere

Chain MINIUPNPD (1 references)

target prot opt source destination

Chain OUTPUT (policy DROP)

target prot opt source destination

DROP all -- anywhere anywhere state INVALID

ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

output_rule all -- anywhere anywhere

ACCEPT all -- anywhere anywhere

REJECT tcp -- anywhere anywhere reject-with tcp-reset

REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain forward_br1 (1 references)

target prot opt source destination

Chain forwarding_rule (1 references)

target prot opt source destination

ACCEPT tcp -- anywhere 192.168.1.182 tcp dpt:5445

ACCEPT tcp -- anywhere 192.168.1.246 tcp dpt:10001

forward_br1 all -- anywhere anywhere

Chain input_br1 (1 references)

target prot opt source destination

Chain input_rule (1 references)

target prot opt source destination

input_br1 all -- anywhere anywhere

Chain output_rule (1 references)

target prot opt source destination

Nástroje: Začni sledovat (0) ?Zašle upozornění na váš email při vložení nového komentáře.

Na otázku zatím nikdo bohužel neodpověděl.

Založit nové vláknoNahoru

Tiskni Sdílej: Linkuj Jaggni to Vybrali.sme.sk Google Del.icio.us Facebook

ISSN 1214-1267, (c) 1999-2007 Stickfish s.r.o.