OK I get what you mean, the website does load, but as I clicking deeper inside it's getting much slower.
In my GitHub page there is another discussion about map.sh change, is that you as well? (However the map.sh content change looks difference from yours after running a diff check) Seems we are all trying to find solution to optimize.
BTW when I just finished the setup with default map.sh, I already saw that under firewall rules there is thousand of ports listed to map the ports (of course I didn't check one by one yet), maybe I should spend some more time to read them all.
I found out that the map.sh script is trying to map ICMP to a port, but fails due to some check in OpenWRT that does not allow ICMP to be mapped to a port. Doing so manually via nft (position is # handle at the end of the rule - you can get it by "nft -a list ruleset") and place it in between one of the rules in chain snat.
Here's the command I ran (replace position, oifname, IP and port range to match your setup):
nft add rule inet fw4 srcnat position 999 meta nfproto ipv4 meta l4proto icmp oifname "map-replaceme" counter packets 0 bytes 0 snat ip to 18.104.22.168:1234-1234
I needed only one rule for ping to work, but if we can make it generate the rules, then all can be used.
Almost complete solution....
There is the issue of fwmarks interfering with other things that use fwmarks like mwan3 or policy based routing.
But as long as those functions are not needed it's good enough I suppose.
In my case I need these functions, so I just run two OpenWRT VMs.
Understand, I have never done this with OpenWrt before (I use pfSense before and it's not working in this way), this packet marking way is more or less like the RouterOS from Mikrotik, so if we implement solution with mwan3 we have to think about it. Just don't know the precedence of fwmark, if we also use mwan3, will the fwmark by map-e go first (i.e. will be overwritten by mwan3 rules) or the other way?
I suggest to follow up this in my GitHub page and open new issue there to discuss (as this thread here going longer would be difficult to track everything)
I am adjusting the fwmark rules to use masks instead. It's still a hacky solution, but it's likely to work. Will do some tests and ensure mwan and pbr working then post the working files on your github.
EDIT: I have now fixed policy based routing and mwan. Now it is a complete solution. I will post everything at your github in the discussion as well.
It is probably the MTU. Try 1280 for the MTU, then go up from there. Also set the MTU of your map-e connection to 1452 in OpenWRT. I have a wireguard VPN and get 300mbps+ via ipv4, but it doesn't work well if the MTU is too high.
I am not going to use UPnP (and in terms of security this is also not preferred way) so I can live without it, but from technical point of view we can try to see if we can find a workaround, feel free to open a new issue/discussion there
Thanks, please try and report if any problem in my GitHub page, some forum members already helped and we figured out original MAP package script needs changes to have better results (see discussion/issue page in my GitHub).
Arcive.org I've used it but some 5ch forum things (especially those images) can't be found, but anyway those were targeting OpenWrt older version which doesn't use nftables, we still need something new.