OpenWrt Forum Archive

Topic: Accessing LAN destinations via public adress

The content of this topic has been archived on 14 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

I have been reading through the topics for the last two hours now and I just don't get it.

Previously I have been using dd-wrt on a Linksys router. There were some simple port redirections when accessed from the internet, as an example 58080->8080 on a specific host in my LAN. Somehow a very typical setup.

Now I am using backfire and have created the same forwards. Works fine from the internet, but not when I access my public adress on port 58080. This connection will just get refused. This was working on dd-wrt.

I have been reading through some possible solutions but they were all limited and looked like a workaround to me.

Can anybody explain in a simple way why this behavious is different and cannot be achieved with 10.03 easily?
I guess, there are good (security?) reasons for this, but I just don't get it.

I am very thankful for some information here.


Kind regards
Markus

jow: Thanks a lot!
Now I've got the expected behaviour.


Markus

just posted a duplicate of this because i really didn't know what this issue is called i.e. "nat loopback".

jow: i already have that exact file in 10.03.1-rc4, but nat loopback is not working for me ootb.

edit: have to take that back, nat loopback is working from lan zone, but not from dmz zone. is there anything specific i have to enable for it? does the hotplug script only setup lan zone by default?

(Last edited by lkraav on 25 Jan 2011, 01:06)

Ikraav:

you need to define your portforwards like this:

config redirect
   ...
   option src wan
   option dest dmz  # this is important or the loopback script will assume "lan"

jow: thank you again. this basically means that configuring redirects with LuCI is only for lan zone, right?

In LuCI 0.9, yes. LuCI 0.10 lets you configure the dest as well.

i have gone through luci.subsignal.org and openwrt wiki, but so far no sign of a "howto install luci 0.10 on backfire". one last pointer please? smile

sidenote: great success today switching broadcom -> ath5k + AR2413 today, multiple SSID bliss, dmz people haz their own wifi now!

lkraav wrote:

i have gone through luci.subsignal.org and openwrt wiki, but so far no sign of a "howto install luci 0.10 on backfire".

Just edit 'feeds.conf.default' in your Backfire root to point into correct Luci 0.10 source code feed instead of the old 0.9 tag.

src-svn luci http://svn.luci.subsignal.org/luci/branches/luci-0.10/contrib/package

Backfire was changed two weeks ago to point to 0.10 by default, but we with old builds have to edit the feeds.conf.default file by hand (unless we solve the SVN conflict with some other way).
https://dev.openwrt.org/changeset/24955

I have done my WNDR3700 Backfire builds with 0.10 and they work just fine.

(Last edited by hnyman on 25 Jan 2011, 18:31)

ok, so this is for self building openwrt, right. there is currently no "opkg install" release for 0.10 then, but there will be?

running this 10.03.1-rc4 is my first openwrt and i haven't learned yet how upgrading goes, esp. without destroying existing configuration. that shouldn't be a problem, since the configuration is stored separately on jffs2 right.

lkraav wrote:

ok, so this is for self building openwrt, right. there is currently no "opkg install" release for 0.10 then, but there will be?

running this 10.03.1-rc4 is my first openwrt and i haven't learned yet how upgrading goes, esp. without destroying existing configuration. that shouldn't be a problem, since the configuration is stored separately on jffs2 right.

If you use the current "trunk" snapshots, you get pretty much and the packages for opkg. And trunk uses 0.10.
http://downloads.openwrt.org/snapshots/trunk/

And yes, in the backup routine in Luci, you also define the files to be preserved when flashing the firmware.
(Still best is to take regular backups from Luci.)

The discussion might have continued from here.