thanks for a useful bit of software - I couldnt get portforwarding to work with X-openwrt , but this worked 'out of the box '. X-openwrt puts a 'forward' in /etc/config/firewall , which doesn't work. this puts 'redirect' which does.
ive been using a gentoo box with shorewall as a front end to IPtables as the firewall and would like to migrate the config to this.
Shorewall is available for openwrt, but im not sure of the relationship between shorewall rules and /etc/config/firewall and /etc/firewall/user.
Once shorewall is restarted , does it write the IPtables syntax to the file ( doenst seem to ....)
id also like eg to configure it that the kids' computers go through squid/dansguardian whilst others don't , using transparent proxying.
how do i do that ? ( its easy with shorewall........)
firewall questions
Moderator: Moderators
Re: firewall questions
Squid/dansguardian take up a ton of RAM which is not available on many smaller routers. Therefore Gargoyle does not use them, or allow for configuring them.
You may want to look into packetprotector (www.packetprotector.org) which is another firmware based on OpenWrt designed specifically for what you want to do.
You may want to look into packetprotector (www.packetprotector.org) which is another firmware based on OpenWrt designed specifically for what you want to do.
Re: firewall questions
thanks - so I wonder why there is a shorewall *ipk for openwrt ?
The alternative would be to use shorewall to configure IP tables and then copy/paste into /etc/user/firewall ?
The alternative would be to use shorewall to configure IP tables and then copy/paste into /etc/user/firewall ?