Yesterday I flashed my router with OpenWRT. It is very nice, but I have a few questions.

1) I have used iptables to foward some ports to my PC (local IP: 192.168.1.100). From remote systems, I can use my global IP to access them. From local systems, I must go to 192.168.1.100. This is more conveinience than anything, but is there a way I can make it so that my local PCs can reach these ports via the global IP, too?

2) Is there I way so that I can make it so only one IP/MAC address combonation can use WEP, while all others must use WPA?

3) I can't edit files via SSH. Vi doesn't work well at all and nano (which I installed myself) saves the files with very strange formatting.

Feel free to answer just one of the questions. Any help is better than none. Thanks in advance.

1) Maybe you did something like : iptables -t nat -A prerouting_rule -i $WAN
You can avoid the -i $WAN and it should work from both lan and wan side

2) I am not sure it is possible to map the wireless security in this way, but one thing is sure, if you both enable WPA and WEP, WEP-capable machines will associate fine, as well as WPA capable (which are also WEP capable, so it is not really a solution)

3) Maybe your terminal program is using an unsupported feature, I don't think it is related to ssh itself, but more on the terminal emulation you use (maybe vt100 emulation is enough)

If you cannot save files, check they are not symlink to the flash (ls -l <filename>)

1. it's the big fat disclaimer in firewall.user ... you either specify -i $WAN and deal with the fact the connection has to actually come from the wan, or you use -d <ip address> but then you have to run the firewall each time the ip address changes.

(RItalMan: if you only remove the -i $WAN then it'll be global.. connecting to any ip at that port will redirect you .. bad idea unless you're trying to set a captive portal)

2. Can't think of any way

3. You'll have to give a better explaination of what's broken.

1) What about setting up a DNS layout that will always point to the router or machine that you want no matter where you are.  The way that I have it setup is like this

Internet zone:
MyDomain.com -> Public IP address of router
www.MyDomain.com -> Public IP address of router
ftp.MyDomain.com -> Public IP address of router
router.MyDomain.com -> Public IP address of router

Local Zone:
MyDomain.com -> Private IP address of router
www.MyDomain.com -> Private IP address of webserver
ftp.MyDomain.com -> Private IP address of ftp server
router.MyDomain.com -> Private IP address of router

Thus, with port forwarding to handle the internet requests and local DNS to handle the local requests, a method of naming the devices has been formed that allows you to access the services from either public or private zones with the same names.

3) vi works just fine for me.  This wasn't really a question, what kind of solution were you wanting?

-Duffin

As for number three, I guess I was just wondering if any else has experienced this problem. I have tried it on both a 'normal' terminal (Ctrl + Alt + F_) as well as gnome-terminal.

Thanks for the help, everyone.

But what specifically does not work? Remember, it's not VIM. In fact it's not fully vi either (it's part of busybox) but it has the basic command set which is more than enough to edit config files.

In vi, everything is crazy. I press insert and things go crazy. I can not backspace to remove lines and everything is nuts. It is hard to explain.

In nano, the editing is fine, but it saves without proper line breaks (nano isn't official supported, though)

What distro are you using? Normally to delete lines you use "dd" and to go into insert mode you press "i" but pressing the INSERT key also works for me. It's really hard to tell with generalities like "things go crazy" though. If you could describe the exact file you opened in vi and the exact keystrokes you made up to the point where "things went crazy" it might be a little easier to help.