YazFi Allow access from guest network to LAN device

[justinvoelker]

As stated in the title, I'm trying to allow guest network devices to access a single device on the LAN. I followed the "Custom firewall rules" instructions from https://github.com/jackyaz/YazFi but my script doesn't seem to execute.

I created the file "/jffs/addons/YazFi.d/userscripts.d/myscript.sh" and made it executable. Then, I populated it with the following content.

#!/bin/sh
iptables -I YazFiFORWARD -i wl0.1 -o br0 -d 192.168.1.10 --dport 8096 -j ACCEPT

After a router reboot, I executed "iptables -S" and that new rule does not exist. I have "Enable JFFS custom scripts and configs" enabled in the settings but I just can't seem to get this firewall rule added. Any ideas?

 

[Jack Yaz]

As stated in the title, I'm trying to allow guest network devices to access a single device on the LAN. I followed the "Custom firewall rules" instructions from https://github.com/jackyaz/YazFi but my script doesn't seem to execute.

I created the file "/jffs/addons/YazFi.d/userscripts.d/myscript.sh" and made it executable. Then, I populated it with the following content.

#!/bin/sh
iptables -I YazFiFORWARD -i wl0.1 -o br0 -d 192.168.1.10 --dport 8096 -j ACCEPT

After a router reboot, I executed "iptables -S" and that new rule does not exist. I have "Enable JFFS custom scripts and configs" enabled in the settings but I just can't seem to get this firewall rule added. Any ideas?

If you run that line manually does it work?

I think you need to add
-p udp
or
-p tcp

When matching ports

 

[justinvoelker]

Shoot, yup, it was the missing protocol, I should have caught that. Thanks!

For those wondering, the new line to add was

#!/bin/sh
iptables -I YazFiFORWARD -i wl0.1 -o br0 -p tcp -d 192.168.1.10 --dport 8096 -j ACCEPT