Padavan's Custom Firmware
- Thread starter Guz
- Start date
Adamm
Part of the Furniture
All the GUI does it set portforwarding rules via IPTables, a simple google search will solve all your problems. Here's an example of what IPTables looks like after forwarding port 22 to 1337 in the GUI.
MKANET
Regular Contributor
??? I did plenty of google searches. There was no simple google search that provided how/where to do this; at least, none that was obvious to me. It certainly can't be done in the GUI (first thing I tried, hence my previous screenshot).
The closest I came to what I was looking for was in this link:
https://forums.openvpn.net/topic7823.html
; which didn't look that simple to me. If it's really that easy, maybe you wouldn't mind posting what I could add to my openVPN configuration to forward incoming 8080, 22, 80 TCP ports to 10.249.84.2?
The closest I came to what I was looking for was in this link:
https://forums.openvpn.net/topic7823.html
; which didn't look that simple to me. If it's really that easy, maybe you wouldn't mind posting what I could add to my openVPN configuration to forward incoming 8080, 22, 80 TCP ports to 10.249.84.2?
Adamm
Part of the Furniture
Okay lets take a few steps back as I assumed by your post you knew about iptables. Here I'm going to forward ports 8008 to 1337 on 192.168.1.156
This is what the default ruleset for ipt_nat looks like (located at /tmp/ipt_nat.default)
This is what the version being used on the router looks like after applying the rules in the GUI (located at /tmp/ipt_nat.rules)
The problem is we cant edit these files as /tmp is destroyed and recreated on boot. So each time we boot we will need to add our new rule manually by doing the following in SSH.
iptables -A FORWARD -p tcp -d 192.168.1.156 --dport 1337 -j ACCEPT
iptables --t nat -A VSERVER -p tcp --dport 8008 -j DNAT --to-destination 192.168.1.156:1337
I haven't tested this due to the fact I let UPNP handle my port-forwarding, but there's no reason this shouldn't work. All you need to-do is replace the ports and IP's and it should work with no problems. If you want to learn more about iptables look at the man page or even issue the command "iptables -h" in SSH.
So in your case;
iptables -A FORWARD -p tcp -d 10.249.84.2 --dport 8090 -j ACCEPT
iptables --t nat -A VSERVER -p tcp --dport 81 -j DNAT --to-destination 10.249.84.2:8090
Hope this helps.
Last edited:
MKANET
Regular Contributor
Thanks for your time. However, that doesnt really help me much.
The reason I asked for help here is because I thought there may be other people who have installed the Optware based OpenVPN package associated with Padavan's Custom firmware:
http://code.google.com/p/rt-n56u/wiki/HowToConfigureOpenvpnServer
So, the help I need is specific to that OpenVPN package; which installs an init.d service; with access to a firewall.sh; and clientconnect/disconnect script, etc. Those that installed this package would also recognize the 10.249.84.x default openvpn subnet in my original post screenshot.
I'm not interested in learning about IPtables from the groundup just to add forwarding of a few TCP ports. I dont have that kind of time. However, for someone with experience; who is also familiar with this package, it wouldnt take more than 10 minutes or so to post what exactly to add to my config for this to work.
The reason I asked for help here is because I thought there may be other people who have installed the Optware based OpenVPN package associated with Padavan's Custom firmware:
http://code.google.com/p/rt-n56u/wiki/HowToConfigureOpenvpnServer
So, the help I need is specific to that OpenVPN package; which installs an init.d service; with access to a firewall.sh; and clientconnect/disconnect script, etc. Those that installed this package would also recognize the 10.249.84.x default openvpn subnet in my original post screenshot.
I'm not interested in learning about IPtables from the groundup just to add forwarding of a few TCP ports. I dont have that kind of time. However, for someone with experience; who is also familiar with this package, it wouldnt take more than 10 minutes or so to post what exactly to add to my config for this to work.
Okay lets take a few steps back as I assumed by your post you knew about iptables. Here I'm going to forward ports 8008 to 1337 on 192.168.1.156
This is what the default ruleset for ipt_nat looks like (located at /tmp/ipt_nat.default)
This is what the version being used on the router looks like after applying the rules in the GUI (located at /tmp/ipt_nat.rules)
The problem is we cant edit these files as /tmp is destroyed and recreated on boot. So each time we boot we will need to add our new rule manually by doing the following in SSH.
iptables -A FORWARD -p tcp -d 192.168.1.156 --dport 1337 -j ACCEPT
iptables --t nat -A VSERVER -p tcp --dport 8008 -j DNAT --to-destination 192.168.1.156:1337
I haven't tested this due to the fact I let UPNP handle my port-forwarding, but there's no reason this shouldn't work. All you need to-do is replace the ports and IP's and it should work with no problems. If you want to learn more about iptables look at the man page or even issue the command "iptables -h" in SSH.
Hope this helps.
Adamm
Part of the Furniture
So if your referring to https://dl.dropboxusercontent.com/u/18868731/firewall.sh like I said in my previous post it should be as simple as adding the following lines to the bottom of the do_up() and do_down() functions;
do_up();
iptables -A FORWARD -p tcp -d 10.249.84.2 --dport 8090 -j ACCEPT
iptables --t nat -A VSERVER -p tcp --dport 81 -j DNAT --to-destination 10.249.84.2:8090
do_down()
iptables -D FORWARD -p tcp -d 10.249.84.2 --dport 8090 -j ACCEPT
iptables --t nat -D VSERVER -p tcp --dport 81 -j DNAT --to-destination 10.249.84.2:8090
MKANET
Regular Contributor
Thanks. So, just to be clear, if I add those lines in their respective places in firewall.sh, all incoming TCP port 8090 connections (instigated from the Internet) will be forwarded to my VPN client, 10.249.84.2:8090?
If so, I can understand the logic; and, can apply it to other ports I need to forward. However, what role does dport "81" play in your example? I'm not sure what to do with that; and, what value to give it if I were to forward another port from the Internet.
If so, I can understand the logic; and, can apply it to other ports I need to forward. However, what role does dport "81" play in your example? I'm not sure what to do with that; and, what value to give it if I were to forward another port from the Internet.
Last edited:
Adamm
Part of the Furniture
The commands I posted are the equivalent of what the GUI would do in the screenshot you posted.
![FowardtoOpenVPNIP-[Tue-05-21-2013-9.32.58AM].jpg](/proxy.php?image=https%3A%2F%2Fmka.net%2Fphotos%2FScreenshots%2FFowardtoOpenVPNIP-%5BTue-05-21-2013-9.32.58AM%5D.jpg&hash=337129a67454f28009bc1c96886071a1)
Your 'i'm to busy for iptables' attitude won't get you far working with unix. If you spent the time to issue the command 'iptables -h' you would have seen the very helpful information describing what each portion of the command actually does.
MKANET
Regular Contributor
Thanks so much. I did update /opt/etc/firewall.sh perfectly with the two lines you mentioned. However, it still didn't make any difference; even after restarting the firewall and restarting OpenVPN.
I do have GREAT news though... it looks like Padavan's custom firmware GUI DOES allow me add TCP/UDP forwarding for openVPN IPs; even DMZing them. I'm not sure why it wasn't working the first time I tried it for openVPN IPs.
Code:
do_up();
iptables -A FORWARD -p tcp -d 10.249.84.2 --dport 8090 -j ACCEPT iptables --t nat -A VSERVER -p tcp --dport 8090 -j DNAT --to-destination 10.249.84.2:8090
do_down()
iptables -D FORWARD -p tcp -d 10.249.84.2 --dport 8090 -j ACCEPT iptables --t nat -D VSERVER -p tcp --dport 8090 -j DNAT --to-destination 10.249.84.2:8090I do have GREAT news though... it looks like Padavan's custom firmware GUI DOES allow me add TCP/UDP forwarding for openVPN IPs; even DMZing them. I'm not sure why it wasn't working the first time I tried it for openVPN IPs.
I'm trying to set up a Rosewill EasyN4 (192.168.0.2) & a Rosewill EasyN400 (192.168.0.3) as repeaters. I have them set to AP Repeater mode and they are connected to my N56U (192.168.0.1) I see them in the client list of the N56U. When I connect my laptop wired to one of the Rosewills, I can access the webGUI (192.168.0.3), but can not access the internet. When connected wireless to the ASUS, I can access the internet, but not the Rosewills. Is there a setting the I need to correct on the ASUS to allow the repeater functions to work? Using firmware 3.0.3.5-058
Thanks for the suggestion, but I think that is a little different than what I'm trying to do. I don't want to have to connect a cable from my N56U to each of the Rosewills. I'm trying to use them to extend my wireless signal, and to provide a wired connection to some entertainment devices that do not have wireless adapters and can not run cable to.
new Firmware is out
RT-N56U_3.0.3.6-061
- IPv6+IPv4 (dual stack).
- Linux kernel 3.0.80.
- 5GHz WiFi driver v2.4.3.6 (include backports and fixes).
- 2.4GHz WiFi driver v2.7.1.5.
- Full build: included "transmission", "minidlna".
3.0.3.6-061:
----------------------------------------------------------
- Updated kernel-3.0.x to 3.0.80 from www.kernel.org.
- Updated network and MIPS code from upstream kernels.
- Added Japan region code for AP 2.4GHz (use Japan regulatory domain).
- Added Norway, France, Korea region codes for AP 5GHz. Norway region may be
used for RU and UA (channels 36..48, 149..165).
- Added independent MTU/MRU control for each PPPoE/PPTP/L2TP WAN mode.
- Added ability to enter PIN code up to 8 symbols for EVDO modems.
- Added WLE patch for SMB server to improve work with Win7/8.
- Improved USB2 storage performance (read SMB up to 23MB/s, FTP up to 26MB/s).
- Used EXT4 driver for EXT3 and EXT2 partitions.
- Replaced NTFS driver to ufsd v8.5: allow HFS+ R/W support, allow NTFS/HFS+ export
to NFS server, fixed directories content listing under SMB server.
- Restricted Transmission and Aria2 target partitions to EXT2/EXT3/EXT4/XFS only.
- Fixed long time interval after failure DDNS update.
- Fixed disable DDNS from WebUI.
- Fixed changing Router/AP role at manual NVRAM commit mode.
- Project configuration enhancements, added example configs.
RT-N56U_3.0.3.6-061
- IPv6+IPv4 (dual stack).
- Linux kernel 3.0.80.
- 5GHz WiFi driver v2.4.3.6 (include backports and fixes).
- 2.4GHz WiFi driver v2.7.1.5.
- Full build: included "transmission", "minidlna".
3.0.3.6-061:
----------------------------------------------------------
- Updated kernel-3.0.x to 3.0.80 from www.kernel.org.
- Updated network and MIPS code from upstream kernels.
- Added Japan region code for AP 2.4GHz (use Japan regulatory domain).
- Added Norway, France, Korea region codes for AP 5GHz. Norway region may be
used for RU and UA (channels 36..48, 149..165).
- Added independent MTU/MRU control for each PPPoE/PPTP/L2TP WAN mode.
- Added ability to enter PIN code up to 8 symbols for EVDO modems.
- Added WLE patch for SMB server to improve work with Win7/8.
- Improved USB2 storage performance (read SMB up to 23MB/s, FTP up to 26MB/s).
- Used EXT4 driver for EXT3 and EXT2 partitions.
- Replaced NTFS driver to ufsd v8.5: allow HFS+ R/W support, allow NTFS/HFS+ export
to NFS server, fixed directories content listing under SMB server.
- Restricted Transmission and Aria2 target partitions to EXT2/EXT3/EXT4/XFS only.
- Fixed long time interval after failure DDNS update.
- Fixed disable DDNS from WebUI.
- Fixed changing Router/AP role at manual NVRAM commit mode.
- Project configuration enhancements, added example configs.
icarus
New Around Here
I think this will be tonights project. Getting this up and running.Work out what transmission is...
I haven't tried this firmware in a while , since almost every version I tried, gave me dlna errors when trying to stream to PS3. There has been a problem posted about it for a long time, yet I never see anything in regards to changelogs and PS3 issues....
If anyone has good luck with this firmware and PS3, let me know...
The firmware works fine for my xbox and computers, but I usually stream with PS.
AsusWRT firmware works fine with it but would like to try out padavans.
Thanks!
If anyone has good luck with this firmware and PS3, let me know...
The firmware works fine for my xbox and computers, but I usually stream with PS.
AsusWRT firmware works fine with it but would like to try out padavans.
Thanks!
A Router where you can use DD-WRT Firmware.
http://www.dd-wrt.com/site/index
The next Router I get is a Router where I can use DD-WRT.
I changed the security from WPA2 to WPA then reconnected the repeaters. Everything seems to work now. I guess the Rosewills don't support WPA2, even though they have it as an option.
Careful, I just found out with my testing that the new firmware (3.0.3.6-061) broke Transmission if you use it on an NTFS drive
As for what is Transmission is: It's a BitTorrent client that runs on the router and puts what you are downloading on the attached USB drive.
Similar threads
Latest threads
-
-
-
Release ASUS ZenWiFi XD5 Firmware version 3.0.0.4.388_24011 (2024/11/13)
- Started by fruitcornbread
- Replies: 0
-
Release ASUS RT-AC88U Firmware version 3.0.0.4.386_48313 (2024/11/13)
- Started by fruitcornbread
- Replies: 0
-
Release ASUS RT-AC66U B1 Firmware version 3.0.0.4.386_51720 (2024/11/13)
- Started by fruitcornbread
- Replies: 1
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!