I have a GL.iNet GL-AR300M router which is using OpenWrt 19.07.8. It is set up in bridge (extender) mode to connect a wired only device to my local network via a wifi connection.
This works just fine, the device can be accessed and has Internet access. It is accessing two website on the net and I would like to redirect those to my local server.
Since I can't make changes to my main router (DHCP-server) it has to be done on the OpenWrt router.
You would need to use the device in routed mode (not dumb ap mode). From there, you would use the firewall to hijack and redirect the desired traffic.
Keep in mind that you can redirect the ip address, but not the actual url. Further, if the site is modern (https), the browser will complain (rightfully so) that the certs don’t match.
To be clear, the solution only solves for hosts that are behind the openwrt router, not those directly connected to the upstream network.
The router or the server that sits behind it? The router would be accessed by opening the firewall on the wan (note: never do this if the upstream network is not fully trusted, such as the internet). Server would be using port forwarding. This would have to be done via ip address (specifically the ip address of the router’s wan), unless you can modify the dns entries on the main router.
I reset the Gl-router, added port forwarding for the router web interface and one for the device, added the two host names to point to my own server and that's it.
The solution is still valid, but that stupid device I wanted it for doesn't use host names, instead it uses hard-coded IP addresses. I added port-forwarding from LAN to WAN and all port 80 requests go to my server. So, I am all set...
However, and for future reference I would like to know how one could rewrite an external IP to go to another external IP. I searched the net and found some SNAT / DNAT stuff but couldn't really make sense of it, especially since those were about redirecting from external to internal or vice versa.