Filed Under (Geekspeak, Linux, Work) by Justin on 2007-08-06

I’ve been struggling for a while with getting what I’ve always called “remote administration” working for some Linksys WRT54GL routers running OpenWrt with the X-Wrt extensions. My routers are currently on OpenWrt White Russian – With X-Wrt Extensions 0.9. Rules added through the web interface or in /etc/config/firewall never worked, and I finally ran across this post in the OpenWrt forums. The rule given by eisbaw works a treat for getting remote SSH access to the router. However, I’m not one who likes to open that for everyone to be able to SSH in, as they may be able to guess the password. I also wanted to be able to access the Webif interface, so I made some tweaks. Here is the resulting /etc/firewall.user file:

## Open port to WAN
## -- This allows port 22 to be answered by (dropbear on) the router
iptables -s -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT
iptables -s -A input_wan -p tcp --dport 22 -j ACCEPT
iptables -s -t nat -A prerouting_wan -p tcp --dport 1080 -j DNAT --to
iptables -s -A input_wan -p tcp --dport 80 -j ACCEPT

I simply replicated the first rule and changed it to a DNAT to get remote Webif access via port 1080 on the WAN side. You’ll also notice that I added the “-s” – this only allows access to those two ports if the traffic is coming from our corporate office. If you copy and paste, be sure to modify or remove that directive; otherwise you’ll still be unable to remotely admin your router.
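A quick check for a firewall.user file like the one above: it lists every rule that opens a `*_wan` chain (ACCEPT or DNAT) without a usable `-s` source restriction, including a `-s` that has no value after it. This is an added example, not part of the original post; `unrestricted_wan_rules` is a hypothetical helper name, and the 192.0.2.0/24 office network and 192.168.1.1:80 Webif target in the sample are assumed placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): list WAN-facing ACCEPT/DNAT rules
# in a firewall.user-style file that have no usable "-s <source>" restriction.

unrestricted_wan_rules() {
    awk '
        /^[[:space:]]*#/ { next }            # skip comment lines
        $1 != "iptables"  { next }           # only look at iptables commands
        {
            wan = 0; opens = 0; src = 0
            for (i = 2; i <= NF; i++) {
                # rule is appended/inserted into a *_wan chain
                if (($i == "-A" || $i == "-I") && $(i+1) ~ /_wan$/) wan = 1
                # rule lets traffic in, directly or by redirecting it
                if ($i == "-j" && ($(i+1) == "ACCEPT" || $(i+1) == "DNAT")) opens = 1
                # -s counts only when a value follows it, not another option
                if (($i == "-s" || $i == "--source") && i < NF && $(i+1) !~ /^-/) src = 1
            }
            if (wan && opens && !src) print NR ": " $0
        }
    ' "$1"
}

# Constructed sample: 192.0.2.0/24 stands in for the office network and
# 192.168.1.1:80 for the Webif address on the router (both are assumptions).
sample_rules() {
    cat <<'EOF'
## Open port to WAN
iptables -s 192.0.2.0/24 -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT
iptables -s 192.0.2.0/24 -A input_wan -p tcp --dport 22 -j ACCEPT
iptables -t nat -A prerouting_wan -p tcp --dport 1080 -j DNAT --to 192.168.1.1:80
iptables -s -A input_wan -p tcp --dport 80 -j ACCEPT
iptables -A input_lan -p tcp --dport 80 -j ACCEPT
EOF
}

tmp=$(mktemp)
sample_rules > "$tmp"
unrestricted_wan_rules "$tmp"   # reports lines 4 and 5 of the sample
rm -f "$tmp"
```

On the router itself, point the function at /etc/firewall.user; an empty result means every WAN opening carries a source address.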

(1) Comment   


John C on 19 January, 2010 at 11:17 pm

I’m using WinXP HyperTerminal with “VT100J” terminal selected.

In HyperTerminal I ‘hung up’ on the existing serial port COM1 connection. Then went into the Properties-Settings-Emulation and changed it back to auto from ansiw, saved settings. Then pressed enter to reconnect. Then typed ‘nano’ and enter. Saw on status line the term emulation changed to vt100j from auto. Then I saved the connection settings for future use.

openwrt kamikaze 8.09.1
default 38400,N81
