What's new
By:

Are these Firewall setting ok

N

Notconnected

Regular Contributor
HI again everyone.
I managed to re install OpenWrt and it is working.
I connect this OpenWrt router to my switch, and use the WiFi on this device to bridge to my phone.
This provides all the devices on the network with internet access.
I am not sure if my Firewall settings are correct, may be someone could advise.
The settings of the Wan seem too open, but am afraid to alter them as I do not want to brick this device.
Advise welcome, thank you all.
Firewall-Setup-.png
 
What is the wan port plugged into? Post these outputs:
Code: 
cat /etc/config/network
cat /etc/config/firewall
You wouldn’t want wan Input set to accept if your wan has a public IP.
 
Notconnected said:
My Mobile phone is set to a hotspot, the WiFi on the router connects to this hotspot,
does this mean I do not have public IP.
Click to expand...
You can check the wan IP with this command:
Code: 
ifstatus wwan | jsonfilter -e '@["ipv4-address"][0].address'
You don’t need to post it, but if it doesn’t start with 10., 192.168., or 172., you might be at risk. I don’t know if the phone would provide any protection from the carrier end, I’ve never had to bother with hotspots/tethering.
 
Last edited:
dave14305 said:
You can check the wan IP with this command:
Code: 
ifstatus wwan | jsonfilter -e '@["ipv4-address"][0].address'
You don’t need to post it, but if it doesn’t start with 10., 196.168., or 172., you might be at risk. I don’t know if the phone would provide any protection from the carrier end, I’ve never had to bother with hotspots/tethering.
Click to expand...
Thanks @dave14305 , I pasted in your command, and I an IP am not familiar with beginning with a 10. it is not in the IP range of any of my network.

I am ordering a new mobile router that a forum user sent me a link to, after it is up and running I will experiment with the firewall settings on this OpenWrt setup, I still think I
do not require the wan port to ACCEPT incoming traffic, should it not be enough to allow outgoing traffic, am not sure until I can safely do the experiment.
If I recall when doing iptables I use out and established, I do not see an uption for established in OpenWrt.
 
Last edited:
You must log in or register to reply here.

Similar threads

N
I need a router, done with diy ones
Replies
6
Views
447
Notconnected
N
N
Please help me get connected to the internet
Replies
14
Views
903
CornfieldWin
C
biohazardx92
Vodafone Digital Voice + Grandstream HT801 one way audio.
Replies
4
Views
569
biohazardx92
biohazardx92
S
Help with BE-92U
Replies
4
Views
629
jzchen
J
W
Best way to implement Vlan
2
Replies
24
Views
1K
Tech9
Tech9

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 2,147 (members: 15, guests: 2,132)
Back
Top