Can I create a raw table rule with luci

liaoya · April 20, 2022, 7:54am

Hi

I use OpenWrt 19.07 x86 version. I setup a tftp server on wan side.

I run opkg update; opkg install kmod-nf-nathelper-extra; service firewall restart and now the device on lan side can access the tftp server on wan side.

I want my router access the tftp server on wan side also. I put iptables -t raw -I OUTPUT -j CT -p udp -m udp --dport 69 --helper tftp in /etc/firewall.user and it works.

My question is can I put this rule in /etc/config/firewall and how to do it. Can anybody give an example. Thanks a lot.

lleachii · April 20, 2022, 10:13am

I run: opkg update; opkg install kmod-ipt-raw iptables-mod-ipopt kmod-ipt-ipopt to get RAW tables
The RAW rules would go into firewall.user
There should already be CT helpers by default

liaoya · June 15, 2022, 4:11am

@lleachii

Thanks a lot for your answer.

I follow your instruction and cannot found any new items in /etc/firewall.user. I try your instruction on 19.07 and 21.02. And I can not access tftp server on x64 openwrt router.

Can you check whether you miss some package?