View previous topic :: View next topic |
Author |
Message |
weixing979
Joined: 16 Feb 2023 Posts: 6 Location: china
|
Posted: Thu Mar 02, 2023 9:30 am Post subject: How to add wan interface name to rules. |
|
|
Hello
This is miniupnpd version
root@OpenWrt:~# /usr/sbin/miniupnpd --version
miniupnpd 2.3.2
using netfilter(iptables) backend
and when it add port mapping rules, it's content
Chain MINIUPNPD (1 references)
pkts bytes target prot opt in out source destination
558 29192 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:17819 to:192.168.1.143:54321
0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:17819 to:192.168.1.143:12345
95 4968 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:61516 to:192.168.1.143:12485
2 168 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:61516 to:192.168.1.143:61516
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:12483 to:192.168.1.143:12483
Chain MINIUPNPD-POSTROUTING (1 references)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE tcp -- * * 192.168.1.143 0.0.0.0/0 tcp spt:54321 masq ports: 17819
9 902 MASQUERADE udp -- * * 192.168.1.143 0.0.0.0/0 udp spt:12345 masq ports: 17819
0 0 MASQUERADE tcp -- * * 192.168.1.143 0.0.0.0/0 tcp spt:12485 masq ports: 61516
1 78 MASQUERADE udp -- * * 192.168.1.143 0.0.0.0/0 udp spt:61516 masq ports: 61516
0 0 MASQUERADE tcp -- * * 192.168.1.143 0.0.0.0/0 tcp spt:12483 masq ports: 12483
How to specify the wan interface “pppoe-wan" in the rules instead *.
By the way: USE_IFNAME_IN_RULES is defined .
Thanks. |
|
Back to top |
|
|
miniupnp Site Admin
Joined: 14 Apr 2007 Posts: 1593
|
Posted: Mon Mar 06, 2023 6:38 am Post subject: |
|
|
USE_IFNAME_IN_RULES has currently no effect on the netfilter backends (either iptables and nftables)
I guess you should make that the MINIUPNPD chains are called only for "pppoe-wan" _________________ Main miniUPnP author.
https://miniupnp.tuxfamily.org/ |
|
Back to top |
|
|
weixing979
Joined: 16 Feb 2023 Posts: 6 Location: china
|
Posted: Thu Mar 16, 2023 7:56 am Post subject: |
|
|
Hi,
I refer to iptables_init.sh ,
nat table the chain has the interface name . It's OK for me now.
Thanks again.
Chain PREROUTING (policy ACCEPT 604 packets, 41480 bytes)
pkts bytes target prot opt in out source destination
0 0 MINIUPNPD all -- ccmni1 * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 20 packets, 4608 bytes)
pkts bytes target prot opt in out source destination
0 0 MINIUPNPD-POSTROUTING all -- * ccmni1 0.0.0.0/0 0.0.0.0/0 |
|
Back to top |
|
|
|