Showing results for tags 'iptables'.
Here's the setup: ISP Router > Main Router running DD-WRT v3.0 > LAN & a Webserver on port 81. All devices/computers have a static local IP. The VPN is working great on a Dedicated IP. All traffic is going through the VPN as intended. I have zero interest in bypassing the VPN. The problem is that I'm unable to connect to the webserver via the dedicated IP. I can access it fine on the LAN. I've tried Port Forwarding using DD-WRT's GUI as well as iptables in Administration > Commands > Firewall:
iptables -I FORWARD -i tun1 -p udp -d 192.16
I'm trying to forward ports in Ubuntu 16.04. I was trying to edit the .ovpn file I used to import the settings to include something like this...
iptables -I FORWARD -i tun0 -p udp -d 10.35.0.30 --dport 51413 -j ACCEPT
iptables -I FORWARD -i tun0 -p tcp -d 10.35.0.30 --dport 51413 -j ACCEPT
iptables -t nat -I PREROUTING -i tun0 -p tcp --dport 51413 -j DNAT --to-destination 10.35.0.30
iptables -t nat -I PREROUTING -i tun0 -p udp --dport 51413 -j DNAT --to-destination 10.35.0.30
Am I on the right track? Are there other commands I need to add? I was thinking that maybe I need
I have already posted how to prevent hijacking of your DNS by your IP. There are some ISPs like Verizon, T-Mobile, ... which do send all traffic over port 53 (yes, they hijack your DNS), regardless of which DNS servers you use. Here is how to get rid of that and redirect it to another address with the help of iptables instead of editing dnsmasq in WebIF (which is still my preferable solution for most tasks). In this example I'll redirect all DNS requests to my custom DNS server, to lan1 in this case, which is my local DNS Server Openwrt (I think ddwrt should work too, but I did not
omar posted a topic in Member Tutorials
Forget about software kill switches, as you can't trust them
in firewall, in ddwrt, put this line
iptables -I FORWARD -s 192.168.0.0/16 -o $(nvram get wan_iface) -j DROP
This will include from 192.168.0.0 to 192.168.255.255. No single machine with those internal IPs will be able to access the net if VPN is not up. This is the real deal, tried and tested, works like a charm
-------
i - insert
FORWARD - for packets being forwarded through the router
s - source
o - defining interface physical name
$(nvram get wan_iface) - gets the wan interface name
j - jumps to