I am trying to make a WAP work "backwards". Wireless is a CLIENT for internet access, and the ethernet is NAT/DHCP server for the LAN.
I (temporarily) opened up firewall by adding several ACCEPTS for traffic WWAN <--> LAN, where WWAN is wireless interface, and LAN is my ethernet interface.
OpenWRT is not sending traffic through. I can ssh to OpenWRT. From the OpenWRT device I can see the internet. I can ping the upstream router.
From my laptop (which I used to ssh into OpenWRT), I AM getting DNS from OpenWRT, but I cannot connect beyond the OpenWRT device. I cannot ping the next step up stream (OpenWRT's upstream router)
Seems like traffic from LAN is not forwarding/masquarading to WWAN (my new zone).
Where can I look?
Is there an IPtable dump I should provide?
Most likely cause is that stock firewall was set up to NAT traffic from wifi network to ethernet upstream. When I switched to where I want ethnernet LAN to NAT to wifi upstream, something needs to change in the firewall to allow such traffic that I did not do.