unn4m3d
Posted ...

Hey, my setup is the following:

Fritzbox 7270, which is connected to the ISP; all ports are forwarded to the Linksys E3000
--> Linksys E3000 with Tomato, which is connected via WAN to the Fritzbox 7270 and online via AirVPN
--> Different clients (LAN and WLAN), which should all go through the tunnel.

The VPN connection is established and works great. I am not sure about these IPTables settings. What do you guys recommend in firewall rules and port forwarding?

IPTables

root@unknown:/tmp/home/root# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere             state INVALID
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere             state INVALID
TCPMSS     tcp  --  anywhere             anywhere             tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
wanin      all  --  anywhere             anywhere
wanout     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
upnp       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain upnp (1 references)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             Ute-PC               udp dpt:65328

Chain wanin (1 references)
target     prot opt source               destination

Chain wanout (1 references)
target     prot opt source               destination

root@unknown:/tmp/home/root# ifconfig
br0       Link encap:Ethernet  HWaddr C0:C1:C0:18:02:32
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16688 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20466 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2653983 (2.5 MiB)  TX bytes:16320550 (15.5 MiB)

eth0      Link encap:Ethernet  HWaddr C0:C1:C0:18:02:32
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:33254 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31762 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:16160157 (15.4 MiB)  TX bytes:19313039 (18.4 MiB)
          Interrupt:4 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr C0:C1:C0:18:02:34
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:750 errors:0 dropped:0 overruns:0 frame:21226
          TX packets:3064 errors:8 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:116486 (113.7 KiB)  TX bytes:934056 (912.1 KiB)
          Interrupt:3 Base address:0x1000

eth2      Link encap:Ethernet  HWaddr C0:C1:C0:18:02:35
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:299 errors:0 dropped:0 overruns:0 frame:7
          TX packets:1898 errors:9 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:35932 (35.0 KiB)  TX bytes:435309 (425.1 KiB)
          Interrupt:6 Base address:0x8000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MULTICAST  MTU:16436  Metric:1
          RX packets:145 errors:0 dropped:0 overruns:0 frame:0
          TX packets:145 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:13351 (13.0 KiB)  TX bytes:13351 (13.0 KiB)

tun11     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.4.46.54  P-t-P:10.4.46.53  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:13077 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9796 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:11252398 (10.7 MiB)  TX bytes:1453953 (1.3 MiB)

vlan1     Link encap:Ethernet  HWaddr C0:C1:C0:18:02:32
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:16220 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20048 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2645481 (2.5 MiB)  TX bytes:16224784 (15.4 MiB)

vlan2     Link encap:Ethernet  HWaddr C0:C1:C0:18:02:33
          inet addr:192.168.178.31  Bcast:192.168.178.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14724 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10243 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:12618735 (12.0 MiB)  TX bytes:2425544 (2.3 MiB)

I found this on the net and tried it, but it stopped working after a reboot:

iptables -t nat -A PREROUTING -p tcp --dport <your_port_number> -j DNAT --to-destination <your_destination_IP_address>
iptables -A FORWARD -s <your_VPN_IP> -p tcp --dport <your_port_number> -j ACCEPT

Thanks in advance.
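Added example (not from the post above or from Tomato itself) of the forward as a script for Tomato's Administration > Scripts > Firewall box: Tomato rebuilds its iptables rules from NVRAM at every boot and firewall restart, so rules typed in at the shell are lost, while the firewall script is re-run each time. The VPN interface tun11 and LAN bridge br0 come from the ifconfig output; the port 65328 and LAN host 192.168.1.50 are constructed placeholders. It matches on the incoming interface and destination host rather than a source address, so only traffic that actually arrived through the tunnel is forwarded and nothing is opened on the ISP-facing vlan2.

```shell
#!/bin/sh
# Tomato firewall-script example (added here, not the original poster's
# rules). Assumed values, adjust to your own network:
VPN_IF="tun11"          # OpenVPN interface from the ifconfig output
LAN_IF="br0"            # LAN bridge from the ifconfig output
FWD_PORT="65328"        # constructed placeholder: port to expose via the tunnel
FWD_HOST="192.168.1.50" # constructed placeholder: LAN host that receives it
DRY_RUN="${DRY_RUN:-1}" # put DRY_RUN=0 in the Tomato script box to apply

# Emit the rules for one forward. Matching on the VPN interface (-i) and the
# destination host limits the hole to traffic that really came in over the
# tunnel, so nothing is opened on the ISP-facing vlan2. Each rule is deleted
# before being added so re-running the script does not duplicate it.
gen_rules() {
  vpn_if="$1"; lan_if="$2"; port="$3"; host="$4"
  cat <<EOF
iptables -t nat -D PREROUTING -i $vpn_if -p tcp --dport $port -j DNAT --to-destination $host:$port 2>/dev/null
iptables -t nat -A PREROUTING -i $vpn_if -p tcp --dport $port -j DNAT --to-destination $host:$port
iptables -D FORWARD -i $vpn_if -o $lan_if -d $host -p tcp --dport $port -j ACCEPT 2>/dev/null
iptables -A FORWARD -i $vpn_if -o $lan_if -d $host -p tcp --dport $port -j ACCEPT
EOF
}

if [ "$DRY_RUN" = "1" ]; then
  gen_rules "$VPN_IF" "$LAN_IF" "$FWD_PORT" "$FWD_HOST"        # print for review
else
  gen_rules "$VPN_IF" "$LAN_IF" "$FWD_PORT" "$FWD_HOST" | sh   # apply on the router
fi
```

Because the FORWARD chain policy is DROP and the existing RELATED,ESTABLISHED rule handles the return path, only the DNAT plus this one ACCEPT are needed per forwarded port.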