[Chilli] Port Forwarding With CovvaChilli
Russell Mike
radius.sir at gmail.com
Thu Feb 21 16:05:06 UTC 2013
Hi List,
looking for advice because i have requirement to enable port mapping (port
forwarding) from CoovaChilli's external ip to a web server on the LAN side.
i am bit confuse how to do that. There are many iptable rules always
created every time Coova starts, using *ipup.sh* under
*Output: "/var/run/chilli.tun0.sh". *
root at captive:~# cat /var/run/chilli.tun0.sh
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 3100 --dst 192.168.10.10 -j
ACCEPT
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 4100 --dst 192.168.10.10 -j
ACCEPT
iptables -D INPUT -i tun0 -p udp -d 255.255.255.255 --destination-port
67:68 -j ACCEPT
iptables -D INPUT -i tun0 -p udp -d 192.168.10.10 --destination-port 67:68
-j ACCEPT
iptables -D INPUT -i tun0 -p udp --dst 192.168.10.10 --dport 53 -j ACCEPT
iptables -D INPUT -i tun0 -p icmp --dst 192.168.10.10 -j ACCEPT
iptables -D INPUT -i tun0 --dst 192.168.10.10 -j DROP
iptables -D INPUT -i vlan10 -j DROP
iptables -D FORWARD -i vlan10 -j DROP
iptables -D FORWARD -o vlan10 -j DROP
iptables -D FORWARD -i tun0 -j ACCEPT
iptables -D FORWARD -o tun0 -j ACCEPT
iptables -D FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS
--clamp-mss-to-pmtu
iptables -D FORWARD -t mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j
TCPMSS --clamp-mss-to-pmtu
iptables -D FORWARD -i tun0 ! -o eth0 -j DROP
iptables -D FORWARD -i tun0 -o eth0 -j ACCEPT
*Scenario:*
Web_Server On LAN has: 192.168.10.10 someone want remote desktop of this
server when hitting external ip for CoovaChilli *WAN:41.222.34.72 *
i am confused, if the rules created by Coova will interfere with the in
coming traffic from the WAN interface to LAN side. Cannot understand, if i
should add new rules in *"ipup.sh"* or how.
Note: It is Ubuntu 12.4LTS default firewall is off (ufw disabled) expect
the Chilli creates some rules.
thanks everyone for attending to my request.
Regards --RM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20130221/3da9d31e/attachment-0001.html>
More information about the Chilli
mailing list