Is it possible to route packets from the WAN interface to LAN IPs? I already have a machine functioning as a gateway and would like transparent access between that gateway and the machines on my WRT54GL's LAN. Like this:
Gateway -> WRT54GL -> (LAN Machine 1, LAN Machine 2, etc...)
Where the gateway can directly access the LAN machines behind the WRT54GL (by using their IPs).
I'm already running my own iptables setup; I don't use the firewall and firewall.user scripts provided.
#!/bin/sh
IPTABLES='/usr/sbin/iptables'
EXTIF='eth0.1'
INTIF='br-lan'
# Clear things out.
$IPTABLES -F
$IPTABLES -X
# Enable loopback.
$IPTABLES -A INPUT -i lo -j ACCEPT
# Setup strict forwarding rules.
$IPTABLES -A FORWARD -f -j DROP
$IPTABLES -A FORWARD -p tcp --tcp-flags ALL NONE -j DROP
$IPTABLES -A FORWARD -p tcp --tcp-flags ALL ALL -j DROP
$IPTABLES -A FORWARD -m state --state INVALID -j DROP
$IPTABLES -A FORWARD -p tcp -m state --state NEW -m tcp ! --syn -j DROP
$IPTABLES -A FORWARD -i $EXTIF -s 192.168.128.0/24 -j DROP
$IPTABLES -A FORWARD -o $EXTIF -s ! 192.168.128.0/24 -j DROP
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j DROP
# Setup masquerading (NAT).
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
# Setup strict input rules.
$IPTABLES -A INPUT -f -j DROP
$IPTABLES -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
$IPTABLES -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
$IPTABLES -A INPUT -m state --state INVALID -j DROP
$IPTABLES -A INPUT -i $INTIF -p udp --dport 67:68 --sport 67:68 -j ACCEPT
$IPTABLES -A INPUT -i $INTIF -p udp --dport 53 --sport 1024:65535 -j ACCEPT
$IPTABLES -A INPUT -i $INTIF -p tcp --dport 22 -j ACCEPT
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A INPUT -j DROP
I'm guessing that I might need to do something with routes, but I don't know where to set that up and what to put in.
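One way to allow the access asked about above, as an added example that is not part of the original post: it prints (does not apply) a FORWARD rule admitting new connections from a single gateway host, plus the static route the gateway would need. The addresses 192.0.2.1 (gateway) and 192.0.2.2 (router WAN side) are placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: dry-run generator, prints commands instead of running them.
EXTIF='eth0.1'
INTIF='br-lan'
LAN_NET='192.168.128.0/24'   # LAN subnet taken from the script's anti-spoofing rules
GATEWAY_IP='192.0.2.1'       # placeholder: the gateway's address on the WAN segment
WRT_WAN_IP='192.0.2.2'       # placeholder: the WRT54GL's own WAN-side address

# Accept only a single dotted-quad host, so the rule cannot be widened to a
# whole network by passing a CIDR range or an empty variable.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Rule for the router. It belongs after the fragment/flag/INVALID drops and
# before the final "FORWARD -j DROP". Only NEW is needed: later packets match
# the existing ESTABLISHED,RELATED rule, and replies leave through the existing
# INTIF -> EXTIF accept. The MASQUERADE rule is not hit, because the first
# packet of a gateway-initiated connection exits via br-lan, not eth0.1.
gateway_forward_rule() {
    gw="$1"
    is_ipv4 "$gw" || { echo "refusing: '$gw' is not a single IPv4 host" >&2; return 1; }
    echo "iptables -A FORWARD -i $EXTIF -o $INTIF -s $gw -d $LAN_NET -m state --state NEW -j ACCEPT"
}

# Route for the gateway itself: without it the gateway has no path to the LAN
# subnet, since that subnet is normally hidden behind the router's NAT.
gateway_route_cmd() {
    wan="$1"
    is_ipv4 "$wan" || { echo "refusing: '$wan' is not a single IPv4 host" >&2; return 1; }
    echo "ip route add $LAN_NET via $wan"
}

echo "# on the WRT54GL, before the final FORWARD DROP:"
gateway_forward_rule "$GATEWAY_IP"
echo "# on the gateway:"
gateway_route_cmd "$WRT_WAN_IP"
```

Restricting the source to the one gateway host keeps every other WAN-side machine subject to the existing default drop.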