Use Case Implementation Process
How to setup Loopback Port Forwarding on OpenWRT Kamikaze
If you use OpenWRT and have a server on your LAN, you probably want to setup loopback forwarding. Here's how to do it.
These instructions came from this page. I simply want to explain them a bit more, and confirm that these instructions for loopback forwarding work on OpenWRT Kamikaze.
iptables -t nat -A prerouting_rule -d 100.100.100.100 -p tcp --dport 80 -j DNAT --to 192.168.0.2
iptables -A forwarding_rule -p tcp --dport 80 -d 192.168.0.2 -j ACCEPT
iptables -t nat -A postrouting_rule -s 192.168.0.0/24 -p tcp --dport 80 -d 192.168.0.2 -j MASQUERADE
- Replace 100.100.100.100 with the public IP address given by your ISP.
- Replace all occurrences of 192.168.0.2 with your server's LAN IP.
- Replace 192.168.0.0/24 with CIDR notation for your LAN.
- Replace 80 with the port you want to loopback forward. 80 is the typical webserver port, 443 is SSL webserver. You probably want to forward both ports, so make a copy of these three lines and change 80 to 443 on the second set.
Put these lines in /etc/firewall.user and restart your firewall by running /etc/init.d/firewall restart at the command line.
You must also have already set up your regular port forwards. You can do this through the Kamikaze web interface.
Comments
Harold (not verified)
Wed, 05/09/2012 - 04:18
Permalink
All ports
To enable NAT loopback for all ports just do this:
iptables -t nat -A prerouting_rule -d 100.100.100.100 -p tcp -j DNAT --to 192.168.0.2
iptables -A forwarding_rule -p tcp -d 192.168.0.2 -j ACCEPT
iptables -t nat -A postrouting_rule -s 192.168.0.0/24 -p tcp -d 192.168.0.2 -j MASQUERADE