Any advice? Sorry that I'm struggling so much with this. Iptables -t nat -A POSTROUTING -o tun1 -j MASQUERADE Iptables -I FORWARD -i tun1 -o br0 -j ACCEPT Iptables -I FORWARD -i br0 -o tun1 -j ACCEPT Iptables -t nat -I PREROUTING -i tun1 -p udp -dport xxxxx -j DNAT -to-destination 192.168.11.13Īnd then I realized the firewall rules that I got from AirVPN's DD-WRT tutorial used tun0. Iptables -t nat -I PREROUTING -i tun1 -p tcp -dport xxxxx -j DNAT -to-destination 192.168.11.13 Iptables -I FORWARD -i tun1 -p tcp -d 192.168.11.13 -dport xxxxx -j ACCEPT Iptables -I FORWARD -i tun1 -p udp -d 192.168.11.13 -dport xxxxx -j ACCEPT So I updated the command to (note that I'm entering this via Administration > Commands) : I SSHed into the router and found that the VPN is tun1. You can of course run it without rebooting to test by running the command noted above.There must be a device in your ifconfig that represents your VPN adapter. jffs/usr/sbin/miniupnpd -f /jffs/etc/nf -dĪnd then run chmod +x /jffs/etc/config/miniupnp.startup to make it executable.īe sure to disable old UPnP server on DD-WRT. usr/sbin/iptables -t nat -I PREROUTING 1 -j MINIUPNPD usr/sbin/iptables -t filter -I FORWARD 4 -j MINIUPNPD usr/sbin/iptables -t filter -N MINIUPNPD #Wait for firewall and other services to startup. # and to finish the rule set with "deny 0-65535 0.0.0.0/0 0-65535"Īfter you write and close vi, vi /jffs/etc/config/miniupnp.startup to add the following which will make it start up at boot. # it is advised to only allow redirection of port above 1024 # (allow|deny) (external port range) ip/mask (internal port range) # serial and model number the daemon will report to clients # active when compiled with PF_ENABLE_FILTER_RULES (see config.h file) # compile with PF_ENABLE_FILTER_RULES (see config.h file) # filter rules must be used for this to be used. # anchor name in pf (default is miniupnpd) # a 600 seconds (10 minutes) interval makes sense # clean process work interval in seconds. # never remove any rule before this threshold for the number # report system uptime instead of daemon uptime # from displaying an icon in the "Network Connections" panel. # in the XML description of the device, which prevents MS Windows # If set to an empty string, no presentationURL element will appear # default presentation url is http address on port 80 # "secure" mode : when enabled, UPnP client are allowed to add mappings only # bitrates reported by daemon in bits per second # name of this service, default is "`uname -s` Router" # chain names for netfilter (not used for pf or ipf). # 120s and 86400s (24h) are suggested values from PCP-base # configure minimal and maximal lifetime of the port mapping in seconds # If running, MiniSSDPd will manage M-SEARCH answering. # path to the unix socket used to communicate with MiniSSDPd # port for HTTP (descriptions and SOAP) traffic. # address associated with the subnet follows. # When MULTIPLE_EXTERNAL_IP is enabled, the external ip # It if mandatory to use the network interface name to enable IPv6 # It can also be the network interface name (ie "eth0") # there can be multiple listening ips for SSDP traffic. # if the WAN interface has several IP addresses, you Once miniupnpd runs properly, remove the file /jffs/etc/config/upnpd and vi /jffs/etc/nf to paste the following config, modifying for your network (I use 10.0.0.1 for my router, most dd-wrt routers are configured for 192.168.1.1). If it gives an error saying a library is needed, look for that library in the packages folder and possibly install the same way you installed miniupnpd. Once you have it installed, test to verify it runs by typing miniupnpd. SSH or telnet into the router and run wget -O /tmp/miniupnpd.ipk (replace URL with correct one for your router), then run ipkg install /tmp/miniupnpd.ipk to install. I did lots of research and finally found the right way to do it.įirst search Google for a compatible version of OpenWRT for your router, mine being, then look at the firmware download links for the location of the firmware, in my case, then go into packages and search for miniupnpd. I needed to install MiniUPNP to get NAT-PMP on DD-WRT. NOTE: The following guide assumes you understand UNIX.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |