for the ports:
let's say, on a computer i didn't have a really usefull firewall but wanna have an external IP for outgoing connections. Now with the rules the same IP also would be open for incoming. I would like to prevent that and just open ports as needed for this ip's . _________________ Firmware: DD-WRT v24-sp2 (07/21/09) std-special
---------------------------
5 x Linksys WRT54GL - V1.1
Zyxel P-660H-D1
Netgear Switch 16 Port
FRITZ!Box Fon WLAN 7170
Linksys SPA-2102
Pirelli PRGAV4202N
Mac-User
I have done some additions to my post just right after you posted :)
Now, only one IP and one port is open from the outside, this is what the prerouting does.
The postruting nly translates traffic out, so from outside no one can initiate traffic on these public IPs in the post routing roules, they will be stopped at the router cause it dont know what to do with it.
If you wanted that, you would have to add a similar prerouting statement for all IPs.
great thank you !
that is what i needed exactly !
you made my day thanks again. _________________ Firmware: DD-WRT v24-sp2 (07/21/09) std-special
---------------------------
5 x Linksys WRT54GL - V1.1
Zyxel P-660H-D1
Netgear Switch 16 Port
FRITZ!Box Fon WLAN 7170
Linksys SPA-2102
Pirelli PRGAV4202N
Mac-User
# Assign the wanted IPs to WAN interface on router (vlan1)
ifconfig vlan1:1 195.xx.xx.219 netmask 255.255.255.248 broadcast 195.xx.xx.223
ifconfig vlan1:2 195.xx.xx.220 netmask 255.255.255.248 broadcast 195.xx.xx.223
ifconfig vlan1:3 195.xx.xx.221 netmask 255.255.255.248 broadcast 195.xx.xx.223
ifconfig vlan1:4 195.xx.xx.222 netmask 255.255.255.248 broadcast 195.xx.xx.223
inserted into "firewall":
Code:
# Tell DD-WRT to map, and route all tcp 80 traffic o the following IP to the corresponding LAN IP
iptables -t nat -I PREROUTING -i vlan1 -d 195.xx.xx.219 -j DNAT --to-destination 192.168.1.19
iptables -I FORWARD -p tcp -i vlan1 -d 192.168.1.19 --dport 80 -j ACCEPT
just to be inserted BEFORE the other rules for the different IP's.
I extended the using of the ip's too.
Use PPTP server to connect to linksys with a predefined internal-ip so i am able to change my outgoing ip just on time without edit some rules on wrt54gl.
great - now after 7 months it works :D
(for future search some tags: xpirio , ADSL, Austria, Multi IP, multiple IP) _________________ Firmware: DD-WRT v24-sp2 (07/21/09) std-special
---------------------------
5 x Linksys WRT54GL - V1.1
Zyxel P-660H-D1
Netgear Switch 16 Port
FRITZ!Box Fon WLAN 7170
Linksys SPA-2102
Pirelli PRGAV4202N
Mac-User
Posted: Sun Nov 02, 2008 15:18 Post subject: Similar problem, shure it's me!
Hello friends of dd-wrt.
I read this threads, and I find out, that's the perfect configuration for me. I've 4 unused public IP's in 93.83.xxx.208/29 network. I've implemented all the things which were described on this sides. But after trying this configuration, I find out that under the next "free" IP, allways the Routerkonfigurationpage Linksys on 93.83.xxx.210 appears, what the hell, webgui is configured for port 8083, and not 80? So I tried configured another free one (eg. 93.83.xxx.212 (addon to 93.83.xxx.211)). But still the same, I'm frustrated, what can I do to solve this problem?
My Config:
93.83.xxx.208/29 Base
93.83.xxx.209/29 Cisco 800 in routing modus
93.83.xxx.210/29 Linksys WGT54GL v1.1/ddwrt v24-sp1/192.168.0.0/24
93.83.xxx.211/29 the first point of interest - configured to lanIP 192.168.0.251, and therefor configured a netgear router with this Wan adress, and dhcp config, networking LanIP 192.168.1.0/24.
Inside the 192.168.0.0/24 everything works fine, but from outside, accessing by public IP, I allways getting the Linksys.
BTW: Can someone help? Thanks in advance!
Franz
you have the same configuration as i have - read my post and it should work _________________ Firmware: DD-WRT v24-sp2 (07/21/09) std-special
---------------------------
5 x Linksys WRT54GL - V1.1
Zyxel P-660H-D1
Netgear Switch 16 Port
FRITZ!Box Fon WLAN 7170
Linksys SPA-2102
Pirelli PRGAV4202N
Mac-User