Fw3 question before routing
Philip Prindeville
pprindeville at gmail.com
Sat Mar 28 17:33:54 PDT 2026
Hi,
Is there a way to have fw3 do EARLY rules during the nat table? I need something like:
iptables -t nat -A zone_lan_prerouting -m tcp -p tcp --dport 25 -m comment --comment "!fw3: outbound SMTP, Submission, IMAP/S" -j MARK --set-xmark 0x1/0xffffffff
ie.
config rule
option name "outbound SMTP, Submission, IMAP/S"
option src lan
option proto tcp
option dest_port '25 587 993'
option set_mark 0x1
option target MARK
I thought the absence of a 'dest' zone (as opposed to 'dest *') would mean to happen before routing, but it doesn't... it just implied an INPUT rule instead.
Is there a notation in fw3 that does what I want or do I have to throw it in /etc/firewall.user (gross)...
Thanks
More information about the openwrt-devel
mailing list