I've noticed some people are running Slimserver (or Squeezebox, as it's now called) on OpenWRT. I'm doing something different. I have a Squeezebox that is on my screen porch and I want it connected via ethernet instead of wifi for various reasons. That means, basically, an unsecured ethernet connection to my LAN outside of my direct control.
To solve that problem, I have a Linksys WRTSL54GS. The LAN side is, of course, connected to my LAN, which is in the 172.16.7.xxx range. The WAN side is connected to my Squeezebox. I've set the firewall to forward ports 9000 and 3483 coming in on the WAN to the box on my LAN that runs Squeezecetner.
At first I tried this with the LAN side having the address 172.16.7.101 and the WAN and the Squeezebox were in the 192.168.1.xxx range. Right now I've got the WAN and Squeezebox in the 10.0.0.xxx range. I've told the Squeezebox the default gateway is 10.0.0.101, which is the WAN ip address. I've set the firewall to forward anything with the destination IP as 172.16.7.2 (my Squeezecenter host) to that address on the LAN side. (I figure later, when I get it working, I'll forward only the ports Squeezecener needs.)
While I don't think this is related, on my LAN the default gateway is 172.16.7.1, which is the firewall (running pfSense).
I'm no expert, but I've used web interfaces to set up port forwarding before, for example, to allow someone outside my LAN to make a connection to my VNC listener on my my computer in my LAN. That's always worked just fine.
For some reason, though, no matter what I try, my Squeezebox on the WAN side of the router cannot detect the Sqeezecenter program in the LAN side, even with all the forwarding set up.
My understanding is that I can restrict and control what comes in through the WAN but don't really have control over what comes in through the LAN side, so as I understand it, this should work without a problem.
I've considered it possible that when the packets pass through the firewall, going to the LAN, that there's no NAT, so when my Squeezecenter computer tries to reply, the packets are going to the LAN gateway (at 172.16.7.1) instead of being returned to the router at 172.16.7.101. I don't know enough, though, to have any way to check it out.
What do I need to change if I want the Squeezebox on the WAN side to communicate with Squeezecenter on 172.16.7.2 on the LAN side?
I've included the output from "iptables -L" below. The computer "ozma.thresh.oz" is the one I'm forwarding to at 172.16.7.2 (don't ask -- the name's a long story involving a young relative who likes the Oz books).
Thanks for any help on this!
-------------------------------------------------------
IPTables Output:
Chain INPUT (policy DROP)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP tcp -- anywhere anywhere tcp option=!2 flags:SYN/SYN
input_rule all -- anywhere anywhere
input_wan all -- anywhere anywhere
LAN_ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
ACCEPT gre -- anywhere anywhere
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain FORWARD (policy DROP)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
forwarding_rule all -- anywhere anywhere
forwarding_wan all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain LAN_ACCEPT (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
output_rule all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain forwarding_rule (1 references)
target prot opt source destination
Chain forwarding_wan (1 references)
target prot opt source destination
ACCEPT all -- anywhere ozma.thresh.oz
Chain input_rule (1 references)
target prot opt source destination
Chain input_wan (1 references)
target prot opt source destination
Chain output_rule (1 references)
target prot opt source destination