FS#1497 - Port Forwarding /etc/config/firewal does not work #6457
Labels
Comments
|
jow-: Your above iptables listing only shows the filter table, maybe you meant to execute |
|
BentoAlves: Using |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
BentoAlves:
Supply the following if possible:
TP-Link TL-WR1043N/ND v2
LEDE Reboot 17.01.4 r3560-79f57e422d / LuCI lede-17.01 branch (git-17.290.79498-d3f0685)
add redirect rules in file /etc/config/firewall
//config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp'
option src_dport '808'
option dest_ip '192.168.10.6'
option dest_port '80'
option name 'ZoneMinder'//
save and restart the firewall
///etc/init.d/firewall restart//
redirect is not applied on iptables
//Chain FORWARD (policy ACCEPT)
target prot opt source destination
forwarding_rule all -- anywhere anywhere /* !fw3: user chain for forwarding /
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED / !fw3 /
zone_wan_dest_REJECT all -- anywhere anywhere MAC 00:00:00:00:08:35 / !fw3: QuartoPapaiMamae /
zone_wan_dest_REJECT all -- anywhere anywhere MAC E0:62:90:17:10:3E / !fw3: HarexGaragem /
zone_wan_dest_REJECT all -- anywhere anywhere MAC 78:A5:DD:13:61:FE / !fw3: BabaHD /
zone_wan_dest_REJECT all -- anywhere anywhere MAC 00:12:12:1E:CC:C8 / !fw3: YanTime /
zone_wan_dest_REJECT all -- anywhere anywhere MAC 00:12:12:38:16:CB / !fw3: Kavass /
zone_wan_dest_REJECT all -- anywhere anywhere MAC 4A:FB:2B:F5:81:23 / !fw3: AstroCamera /
zone_wan_dest_REJECT all -- anywhere anywhere MAC E0:62:90:EC:8A:DC / !fw3: NVR /
zone_wan_dest_REJECT all -- anywhere anywhere MAC 00:9A:03:72:AD:92 / !fw3: Camera360 /
zone_wan_dest_REJECT all -- anywhere anywhere MAC E0:62:90:E9:D6:0D / !fw3: Calcada1 /
zone_lan_forward all -- anywhere anywhere / !fw3 /
zone_wan_forward all -- anywhere anywhere / !fw3 */
Chain forwarding_lan_rule (1 references)
target prot opt source destination
Chain forwarding_rule (1 references)
target prot opt source destination
Chain forwarding_wan_rule (1 references)
target prot opt source destination
Chain zone_wan_forward (1 references)
target prot opt source destination
forwarding_wan_rule all -- anywhere anywhere /* !fw3: user chain for forwarding /
zone_lan_dest_ACCEPT all -- anywhere anywhere / !fw3: forwarding wan -> lan /
ACCEPT all -- anywhere anywhere ctstate DNAT / !fw3: Accept port forwards /
zone_wan_dest_ACCEPT all -- anywhere anywhere / !fw3 *//
however in fw3 print the rules are being mounted to be placed on iptables
//iptables -t nat -A zone_wan_prerouting -p tcp -m tcp --dport 808 -m comment --comment "!fw3: ZoneMinder" -j DNAT --to-destination 192.168.10.6:80
iptables -t nat -D zone_lan_prerouting -p tcp -s 192.168.10.0/255.255.255.0 -d 177.148.206.70/255.255.255.255 -m tcp --dport 808 -m comment --comment "!fw3: ZoneMinder (reflection)" -j DNAT --to-destination 192.168.10.6:80
iptables -t nat -A zone_lan_prerouting -p tcp -s 192.168.10.0/255.255.255.0 -d 177.148.206.70/255.255.255.255 -m tcp --dport 808 -m comment --comment "!fw3: ZoneMinder (reflection)" -j DNAT --to-destination 192.168.10.6:80
iptables -t nat -D zone_lan_postrouting -p tcp -s 192.168.10.0/255.255.255.0 -d 192.168.10.6/255.255.255.255 -m tcp --dport 80 -m comment --comment "!fw3: ZoneMinder (reflection)" -j SNAT --to-source 192.168.10.1
iptables -t nat -A zone_lan_postrouting -p tcp -s 192.168.10.0/255.255.255.0 -d 192.168.10.6/255.255.255.255 -m tcp --dport 80 -m comment --comment "!fw3: ZoneMinder (reflection)" -j SNAT --to-source 192.168.10.1
//
did not get success by adding port forwarding manually on iptables
The text was updated successfully, but these errors were encountered: