OpenWrt: Burning the bridge, part II

Once I disabled the annoying bridging I ran across a problem. My wireless devices couldn’t get internet access. I have very little experience with iptables but I was able to get enough out of reading the default firewall rules that I could enable NAT for the wireless interface. I added the following to /etc/firewall.user:

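# Wireless interface name from NVRAM (assumption: $WAN is already set earlier in the file)
WIFI=$(nvram get wifi_ifname)
# Let traffic arriving on the wireless interface be forwarded out the WAN interface
iptables -A FORWARD -i "$WIFI" -o "$WAN" -j ACCEPT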

And now I have everything I wanted. My NFS stuff is protected from the wireless devices. My next project will be to set up IPsec stuff so that authenticated wireless devices will have NFS access.
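
One way to check the outcome described above, as an added example that is not part of the original post: a small shell function that reads rules in `iptables -S FORWARD` format and reports the verdict for a new packet between two interfaces, so the wireless-to-WAN and wireless-to-LAN paths can be compared. The interface names (eth1, vlan0, vlan1), the sample ruleset and the function name `forward_verdict` are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample in `iptables -S FORWARD` format. Interface names are
# assumptions: eth1 = wireless, vlan0 = wired LAN (NFS server), vlan1 = WAN.
SAMPLE_RULES='-P FORWARD DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i vlan0 -o vlan1 -j ACCEPT
-A FORWARD -i eth1 -o vlan1 -j ACCEPT'

# forward_verdict IN OUT (hypothetical helper): read rules on stdin and print
# the target of the first FORWARD rule matching a packet from IN to OUT,
# falling back to the chain policy. Simplification: rules with any match
# other than -i/-o (state, protocol, address, negation) are skipped, and
# interface wildcards such as "eth+" are not expanded.
forward_verdict() {
    in_if=$1 out_if=$2 policy=ACCEPT
    while read -r line || [ -n "$line" ]; do
        set -f; set -- $line; set +f          # split the rule into words
        [ "$2" = FORWARD ] || continue
        if [ "$1" = -P ]; then policy=$3; continue; fi
        [ "$1" = -A ] || continue
        shift 2
        r_in= r_out= target= other=
        while [ $# -gt 1 ]; do
            case $1 in
                -i) r_in=$2; shift ;;
                -o) r_out=$2; shift ;;
                -j) target=$2; shift ;;
                *)  other=1 ;;
            esac
            shift
        done
        [ -n "$other" ] && continue
        [ -n "$r_in" ] && [ "$r_in" != "$in_if" ] && continue
        [ -n "$r_out" ] && [ "$r_out" != "$out_if" ] && continue
        case $target in
            ACCEPT|DROP|REJECT) echo "$target"; return 0 ;;
        esac
    done
    echo "$policy"
}

# Wireless should reach the WAN but not the wired LAN.
for dst in vlan1 vlan0; do
    verdict=$(printf '%s\n' "$SAMPLE_RULES" | forward_verdict eth1 "$dst")
    echo "eth1 -> $dst: $verdict"
done
```

On a router whose iptables supports `-S`, the live ruleset can be piped in with `iptables -S FORWARD | forward_verdict "$WIFI" "$LAN"`, where `$LAN` is assumed to hold the wired interface name.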
