[OpenWrt-Devel] External (public) IP forwarded to internal LAN
lists at sumpfralle.de
Thu May 14 11:47:17 EDT 2015
> you can find the output of the two commands on pastebin in the next 2 weeks.
> iptables -L -vn at http://pastebin.com/2b0ewSyu
> iptables -t nat -L -vn at http://pastebin.com/i7qPXEMJ
Here is the lan postrouting taken from the above:
Chain zone_lan_postrouting (1 references)
pkts bytes target prot opt in out source destination
12 860 postrouting_lan_rule all -- * * 0.0.0.0/0 0.0.0.0/0
12 860 MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0
The last line should be the problem: every packet heading for the lan zone
(e.g. your webserver) will be masqueraded (SNAT).
Maybe you enabled the masquerading checkbox in the firewall config for this
The content of /etc/config/firewall would probably show the root cause (in case
my above guess is wrong).
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
More information about the openwrt-devel