NAT and FILTER

I need your help.

I downloaded the source code of openwrt from github, but I want to change the configuration of NATING and FILTERING(accept/drop) , but I didn't find the path of these files in source code.

Can any one tell me the path of nat and filter configuration files in source code?
Thanks.

Typically you can simply insert custom rules and there's no need to alter the source code.
What exactly do you want to change?

For example, I want accept packet with port 224 only, and drop anything else, so I want to change rules in Filter table, but I didn't find its file.

1 Like

How can I access to Netfilter in source code ?

Netfilter is part of Linux Kernel:
https://www.netfilter.org

You only need to setup the correct filter rules.
You don't need to change the Source / Linux .

Uwe

1 Like

Can you say more about your use case - why are you building your own firmware image from source?

If you just want to customize the default configuration, another option could be the Imagebuilder.

In any case, I suggest to install and run an official OpenWrt firmware image first, and adjust the configuration on the device, where you can also test it. Then download the configuration and build your own firmware with it, if that's what you need.

I want to use the default configuration files, but also I want to modify some files like netfilter,NAT,filter..etc. ,then to build the source code.

But, I couldn't find the locations of these file such as in targets or package or any where.

So, if someone can tell me where I can find these files in openwrt source code

I want to use the default configuration files, but also I want to modify some files like netfilter,NAT,filter..etc. ,then to build the source code.

But, I couldn't find the locations of these file such as in targets or package or any where.

So, if someone can tell me where I can find these files in openwrt source code.

Firewall implementation at

https://git.openwrt.org/?p=project/firewall3.git

Thank you so much.

Another question, can you tell me the path of NAT configuration ?

Same configuration file, look for „masq“

I mean if I want to implement the iptables(NAT), where should I make this configuration?

Setting the masq property in a zone will create corresponding masquerade (nat) rules in the appropriate chains and table. If you mean DNAT rules then this is possible as well. Refer to the documentation at https://openwrt.org/docs/guide-user/firewall/firewall_configuration

ok brother thank you

I want to ask you a question.

Is there in openwrt source code a file responsible for packet capture or sniffer or raw socket?

Firewall can make reject, accept or redirect, but how it can know the packet detailed, on what it depend on which file ?