Firewall - Port Forwards - multiple ip addresses from WAN->LAN with LuCi?

Installing and Using OpenWrt Network and Wireless Configuration
10

Yeah.

You could try something that looks like this... not sure if it'll work, though since it isn't technically a DNAT rule.

config rule
	option name 'test'
	option src 'wan'
	list src_ip '10.0.1.1'
	list src_ip '10.0.1.12'
	list src_ip '10.0.1.161'
	option target 'ACCEPT'
	option dest 'lan'
	list dest_ip '192.168.1.5'
	option dest_port '8080 8085 8086 9100 9102'

If it's suffiiciently easy to create a deny-list, you could create a list of IPs that should get dropped/rejected, the rest would then be able to continue to the port forward rule.

1 Like