prepare for moving part of the firewall to hotplug. created new chains {input,forward...
#!/bin/sh
# Copyright (C) 2006 OpenWrt.org
#
# firewall.user: empties the custom rule chains, then lists example rules.
# Every example below is commented out, so this file adds no rules of its
# own until a line is uncommented.
# NOTE(review): the chains are only flushed here, never created; presumably
# the main firewall script creates them before this file runs -- confirm.

# Flush the general-purpose chains first. Because each chain starts empty,
# running this file again replaces its rules instead of appending duplicates.
iptables --flush input_rule
iptables --flush output_rule
iptables --flush forwarding_rule
iptables --table nat --flush prerouting_rule
iptables --table nat --flush postrouting_rule

# The following chains are for traffic directed at the IP of the
# WAN interface

iptables --flush input_wan
iptables --flush forwarding_wan
iptables --table nat --flush prerouting_wan

### Open port to WAN
## -- This allows port 22 to be answered by (dropbear on) the router
## -- As written, the rules accept SSH from any WAN host; adding a source
## -- match (-s <trusted-address>) to both lines limits who can connect.
# iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT
# iptables -A input_wan -p tcp --dport 22 -j ACCEPT

### Port forwarding
## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2
## -- The two lines work as a pair: DNAT rewrites the destination, and the
## -- forwarding_wan rule matches the rewritten port (80), not 8080.
# iptables -t nat -A prerouting_wan -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80
# iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT

### DMZ
## -- Connections to ports not handled above will be forwarded to 192.168.1.2
## -- These rules carry no protocol or port match, so 192.168.1.2 receives
## -- that traffic unfiltered. Keep them last: a prerouting_wan rule appended
## -- after the DNAT line is never reached.
# iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2
# iptables -A forwarding_wan -d 192.168.1.2 -j ACCEPT