5774f0c64acdbaca21580784e532da58168e9ec6
3 .
/etc
/network.overrides
4 [ "$FAILSAFE" != "true" -a -e /etc
/config
/network
] && .
/etc
/config
/network
6 WAN
=$
(nvram get wan_ifname
)
7 LAN
=$
(nvram get lan_ifname
)
10 iptables
-F output_rule
11 iptables
-F forwarding_rule
12 iptables
-t nat
-F prerouting_rule
13 iptables
-t nat
-F postrouting_rule
15 ### BIG FAT DISCLAIMER
16 ### The "-i $WAN" literally means packets that came in over the $WAN interface;
17 ### this WILL NOT MATCH packets sent from the LAN to the WAN address.
19 ### Allow SSH on the WAN interface
20 # iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j ACCEPT
21 # iptables -A input_rule -i $WAN -p tcp --dport 22 -j ACCEPT
24 # iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j DNAT --to 192.168.1.2
25 # iptables -A forwarding_rule -i $WAN -p tcp --dport 22 -d 192.168.1.2 -j ACCEPT
27 ### DMZ (should be placed after port forwarding / accept rules)
28 # iptables -t nat -A prerouting_rule -i $WAN -j DNAT --to 192.168.1.2
29 # iptables -A forwarding_rule -i $WAN -d 192.168.1.2 -j ACCEPT
This page took 0.041185 seconds and 3 git commands to generate.