Fullcone NAT on openwrt tutorial

git clone -b master --single-branch https://github.com/LGA1150/openwrt-fullconenat package/fullconenat
mkdir -p package/network/config/firewall/patches
wget -O package/network/config/firewall/patches/fullconenat.patch https://github.com/LGA1150/fullconenat-fw3-patch/raw/master/fullconenat.patch
wget -O- https://github.com/LGA1150/fullconenat-fw3-patch/raw/master/Makefile.patch | patch -p1
pushd feeds/luci
wget -O- https://github.com/LGA1150/fullconenat-fw3-patch/raw/master/luci.patch | patch -p1

Now you can go to Network -> Firewall -> iptables-mod-fullconenat
and enable fullcone nat


Quick note, this seems to be 5 years old and restricted to iptables/firewall3, while recent OpenWrt uses nftables/firewall4, so "caveat emptor"...

Downloading random patches without context or explaination or anything I would hardy call a tutorial. And yes, it targets the legacy release and not fw4/nftables...

1 Like

For firewall 4, use

Maybe start by explaining why anybody should/would want full cone NAT and what OpenWrt offers by default?
I note that the original RFC for STUN seemingly introduced that taxonomy of NATs, but its successor did away with that taxonomy noting that it does not really reflect/describe well what is seen out in the field.


This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.