lixuewei / rt-n56u

Automatically exported from code.google.com/p/rt-n56u
0 stars 0 forks source link

Can I enable IpTables in AP mode? #1447

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
I like to enable IPTables in AP mode to reroute Google DNS traffic to my own 
DNS server (allows watching US Netlix in Europe):

iptables -t nat -A PREROUTING -d 8.8.8.8 -j DNAT --to-destination 111.111.11.11
iptables -t nat -A PREROUTING -d 8.8.4.4 -j DNAT --to-destination 111.111.11.11

I can run these rules in the console but they do not work. When I add them to 
the "Run After Router Started:" Custom User Scripts section, they are removed 
after reboot of the router.

is this because the router is running in AP mode? Can someone advise a 
workaround?

Original issue reported on code.google.com by lmolen...@gmail.com on 17 Mar 2015 at 7:34

GoogleCodeExporter commented 9 years ago
Note: The rules are NOT removed after reboot, but they do not stick/work.
When I run "iptables -L" in teh console it shows:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination   

Original comment by lmolen...@gmail.com on 17 Mar 2015 at 8:00

GoogleCodeExporter commented 9 years ago
Sorry for the confusion, the rules do stick (but do not work):
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DNAT       all  --  anywhere             8.8.8.8              to:104.236.228.x
DNAT       all  --  anywhere             8.8.4.4              to:104.236.228.x

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain upnp (0 references)
target     prot opt source               destination         
DNAT       udp  --  anywhere             anywhere             udp dpt:52424 
to:192.168.0.15:52424
DNAT       tcp  --  anywhere             anywhere             tcp dpt:52424 
to:192.168.0.15:52424
DNAT       udp  --  anywhere             anywhere             udp dpt:47020 
to:192.168.0.32:47020
DNAT       tcp  --  anywhere             anywhere             tcp dpt:47020 
to:192.168.0.32:47020

Chain vserver (0 references)
target     prot opt source               destination

Original comment by lmolen...@gmail.com on 17 Mar 2015 at 7:54