I've managed to make LuCI (ACME) and SSH reachable from the outside, but my knowledge about firewalls and especially iptables is very limited. (iptables is a monster with 5 heads, enormous fangs and 7 tails)
Till now I managed to test my setup via
iptables -I input_rule -p tcp --dport 443 -j ACCEPT -m comment --comment ACME iptables -I input_rule -p tcp --dport 22 -j ACCEPT -m comment --comment SSH
but this is not persistent after a reboot. Afaik there are three ways to manage firewalls in OpenWRT.
iptables, fw3 and LuCI. I tried all three of them but I'm mostly afraid of breaking something or setting something that I don't know how to revert.
Could someone tell me how to safely and permanently open LuCI 443 and SSH to WAN?
WAN is in this case a 10.X.X.X/24 network behind my internet facing proprietary ISP router. (Already got a domain, DDNS working, as well as Port Forwarding in the ISP router.)
FYI I'm using this build.