I'm now on my third installation of openwrt RC5, in my second install I had a lot of problems geting port forwarding to work the way I wanted it to work. There is some info, but not alot since port forwarding should be simple, and it is when it works. Thus I've decided to sum all that up here, if it is helpful enough, then maybe this post should then be rolled into a wiki?
Ontop of the basic install, I've installed the following since it was recomended in a wiki and other posts (ipkg install xxxxxxxxx). Do all of these really need to be installed for port forwarding?
iptables-mod-nat
iptables-extra
iptables-utils
Then I have used the web interface to configure port forwarding rules, no need to use iptable commands or edit /etc/firewall.user. The web interface is found by clicking "Network" then "Firewall" when one types the ip address of one's router into a browser.
Match Target Port
Destination Ports: 22 accept
Destination Ports: 25 192.168.1.249 25
Destination Ports: 4662 192.168.1.249 4662
Destination Ports: 4672 192.168.1.249 4672
Destination Ports: 24430 192.168.1.249 24430
Destination Ports: 25500 192.168.1.249 22
Destination Ports: 25501 192.168.1.249 3389
Destination Ports: 25400 192.168.1.155 22
Destination Ports: 25401 192.168.1.155 3389
One creates an entry like the above by selecting "Forward" after "New Rule" and clicking "Add". Then select "Destination Port" and Click "Add". Then type in your "Destination Port", "Forward To" ip address, and "Port" on that same ip address. Then click "Save" and "Apply Changes" at the bottom of the page.
Note that I've set up port translation so I can have multiple ssh servers (port 22) behind the router but I can access each one individualy by the assigned port on the router (25500 or 25400).
Not that one should shy from iptables, it can be very powerful, for example see http://www.macsat.com/macsat/content/vi … /#sshbrute.