4 WAN
=$
(nvram get wan_ifname
)
5 LAN
=$
(nvram get lan_ifname
)
8 iptables
-F output_rule
9 iptables
-F forwarding_rule
10 iptables
-t nat
-F prerouting_rule
11 iptables
-t nat
-F postrouting_rule
13 ### BIG FAT DISCLAIMER
14 ### The "-i $WAN" literally means packets that came in over the $WAN interface;
15 ### this WILL NOT MATCH packets sent from the LAN to the WAN address.
17 ### Allow SSH on the WAN interface
18 # iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j ACCEPT
19 # iptables -A input_rule -i $WAN -p tcp --dport 22 -j ACCEPT
22 # iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j DNAT --to 192.168.1.2
23 # iptables -A forwarding_rule -i $WAN -p tcp --dport 22 -d 192.168.1.2 -j ACCEPT
25 ### DMZ (should be placed after port forwarding / accept rules)
26 # iptables -t nat -A prerouting_rule -i $WAN -j DNAT --to 192.168.1.2
27 # iptables -A forwarding_rule -i $WAN -d 192.168.1.2 -j ACCEPT
This page took 0.051126 seconds and 5 git commands to generate.