OpenWrt Forum Archive

Topic: problem with firewall & iptables

The content of this topic has been archived on 7 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi and happy new year,

I'm trying to understand how a firewall works. So with a Linksys WRT54GL I just want to configure a firewall with a basic rule, e.g. communication between the WAN port and the LAN port. I removed DHCP on both interfaces and removed all rules in the etc/config/firewall file. I just use etc/firewall.user.

My config:

#etc/firewall.user

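# flush all rules and delete user-defined chains in the filter table
iptables -F
iptables -X

# default policies: drop everything that is not explicitly accepted
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

# allow forwarding between the LAN bridge and the WAN VLAN in both directions
iptables -A FORWARD -i br-lan -o eth0.1 -j ACCEPT
iptables -A FORWARD -i eth0.1 -o br-lan -j ACCEPT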


#etc/config/network

config switch eth0
        option vlan0    "0 1 2 3 5"
        option vlan1    "4 5"

config interface loopback
        option ifname   "lo"
        option proto    static
        option ipaddr   127.0.0.1
        option netmask  255.0.0.0

config interface lan
        option type     bridge
        option ifname   "eth0.0"
        option proto    static
        option ipaddr   192.168.1.13
        option netmask  255.255.255.0

config interface wan
        option ifname   "eth0.1"
        option proto    static
        option ipaddr   192.168.1.113
        option netmask  255.255.255.0


When I connect a DHCP router with internet access to the WAN port and a PC to a port of the LAN interface, I can't access the web....

Regards,

singuleol.

You need to implement masquerading rules in your firewall.user file.

~ JoW

Hello,

Thanks for your answer. There is something I don't understand... As I use the internet in the same network via another router, normally I don't need to use NAT rules because I don't have to do address translation (but I'm not sure...). Am I right?

Thanks in advance.

singuleol

You're right, but since you use a different subnet on the LAN side of your OpenWrt box you need to route that on your main router using the OpenWrt box's WAN IP as gateway.
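
The masquerading approach suggested earlier in the thread, as an added example that is not part of the original posts: it keeps the default-drop policies, lets only reply traffic back in from the WAN side, and masquerades on the WAN interface. The function name `build_ruleset` and the `APPLY` switch are hypothetical; it assumes `iptables-restore`, the `state` match and the `MASQUERADE` target are installed, and that LAN and WAN are in different subnets.

```shell
#!/bin/sh
# Added example, not code from the thread. Interface names default to the
# ones in the posted /etc/config/network (assumption: adjust for your device).
LAN_IF="${LAN_IF:-br-lan}"
WAN_IF="${WAN_IF:-eth0.1}"

# Print a ruleset in iptables-restore format for a LAN and a WAN interface.
# Returns 1 if a name contains anything that could smuggle extra rule text.
build_ruleset() {
    lan="$1"; wan="$2"
    for n in "$lan" "$wan"; do
        case "$n" in
            ''|*[!A-Za-z0-9._-]*) echo "bad interface name: $n" >&2; return 1 ;;
        esac
    done
    # INPUT/OUTPUT stay at DROP as in the posted file, so the router itself
    # is unreachable on the network; only forwarded traffic passes.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
EOF
}

# Load the rules only when explicitly requested (APPLY=1, run as root).
# iptables-restore flushes the tables it loads, replacing "iptables -F/-X".
if [ "${APPLY:-0}" = "1" ]; then
    rules=$(build_ruleset "$LAN_IF" "$WAN_IF") || exit 1
    printf '%s\n' "$rules" | iptables-restore
fi
```

Without `APPLY=1` the script changes nothing, so `build_ruleset br-lan eth0.1` can be used to review the generated rules before loading them.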

The discussion might have continued from here.