I am certainly not a newcomer anymore to OpenWrt, but I still am a newcomer to linux networking, or rather networking in general.
I have been breaking my head for more than a year now (not effective time, just calendar wise) to get these iptables to do what they need to do.
Sure I have bragged about getting log servers in place but the fact of the matter is I have not got around to it yet.
Truth be told it is because I am considering using the proxmox firewall as a starting point.
Now this in no way means that OpenWrt is off the table for me. NOOO. This carefully constructed piece of software has ingrained itself into my mindset as the best of the best so it is not easy to be discarded.
However there are no easy mechanisms to see where things go wrong. Let me rephrase. One needs a damned good understanding of linux networking to debug when ever things go not as planned (even though setup using UCI)
I'd like to first probe if this message makes any sense to any of the developers and if so then I can elaborate on where I think (given my extensive experience with the recent software) can benefit of an update.
@trendy is one of the ones that have been helping me along. Perhaps he can suggest some pointers