Jump to content
Not connected, Your IP:
Sign in to follow this  

DD-WRT users, has anyone used IPTABLES to open ports on router firewall?

Recommended Posts

My hardward/firmware:

Router ModelLinksys WRT 1200AC

Firmware Version
DD-WRT v3.0-r28788 std (01/13/16)
Kernel Version

Linux 3.18.25 #59 SMP Mon Jan 11 11:48:34 CET 2016 armv7l


My goal:

To open ports 8000 and 8001 on my router to allow shoutcast server to livestream from static ip on the network.




After reading https://airvpn.org/external_link/?url=https%3A%2F%2Fwww.dd-wrt.com%2Fwiki%2Findex.php%2FIptables_command%23Port_Forwarding_to_a_specific_LAN_IP and also being told that the GUI interface only forwards from WAN to LAN and not from TUN to LAN... it seems this is my last obstacle to streaming with Shoutcast.

I still haven't been able to get IPTABLES to work for me yet. I tried different variations of the commands, but nothing worked for me... then I didn't know if I was putting the right information into the variables.


Has anyone with this or similar dd-wrt set up successfully added open ports to your router firewall using IPTABLES? If so, can I see how your commands look?

Currently, all I have for my firewall commands are,



iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

What else should be there to open port 8000 and 8001 to the static IP listed above?

Thanks for any help and directions.




Share this post

Link to post

I am familiar with Linux, but not DD-WRT.


Have you tried something like this?

/sbin/iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 8000 -j DNAT --to-destination
/sbin/iptables -t nat -A PREROUTING -i tun0 -p udp --dport 8000 -j DNAT --to-destination
/sbin/iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 8001 -j DNAT --to-destination
/sbin/iptables -t nat -A PREROUTING -i tun0 -p udp --dport 8001 -j DNAT --to-destination

This assumes you have configured two ports on AirVPN servers for forwarding to you using the AirVPN web GUI, and forward them to your router ports 8000 and 8001. But 8000 and 8001 may not be available. So you would have to use two other ports to receive connections on the AirVPN server.


If the stuff above does not work, maybe set up forwarding from WAN to LAN using the DD-WRT GUI and see what it does. You may only have to replace "eth0" with "tun0".

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

  • Create New...