Port Forwarding rules do not work

I have an external IP that is not behind NAT and I can receive packets to specific ports (tested with tcpdump). However, in my tcpdump log the packets always rejected despite me having active port forward rule.
Here is ruleset overview from luci output:


What I'm missing? Let me know if you need firewall-cmd output and which

I can barely see the images, pasting the firewall config here would be much better.

Did I see that you are forwarding to LAN? You should forward to a specific computer instead.

2 Likes

Images are clickable, let me post raw links:

https://i.imgur.com/kuy8qDe.png
https://i.imgur.com/z7YVEHU.png
https://i.imgur.com/dfO6hEt.png

Did I see that you are forwarding to LAN? You should forward to a specific computer instead.

Are you talking about the port forward rule? It does not matter any ip or specific IP - same result. I need to forward to LAN zone though, since this is where specific IP is.

It does matter, as you need to specify to which host is the packet forwarded.
Login with ssh and post the following:
uci export firewall; iptables-save -c -t nat

2 Likes