Menu
What's new
By:
Filters Better Search

Solved Beginners firewall question.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

H

Henk-J

Occasional Visitor
I wanted to install NGINX om my RT-AX82U, and used these instructions:
My firewall /jffs/scripts/firewall-start script is as follows:


#!/bin/sh
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 443 -j ACCEPT

I must be overlooking something, as the NGINX works ok inport 80 from the LAN side but when I want to access using the WAN side (using hotspot on my phone or antoher internt connection, , unfortunatly it does not work.
So how to make port 80/443 directly accessible from the WAN side? (I know I could try port forwarding)
 
Last edited:
I would start by confirming that nginx is actually listening on the WAN interface.

Code: 
netstat -nlp | grep -E ":80 |:443 "
 
Yes it works, it even shows my costum index.html

Started with 80 only:

admin@RT-AX82U-4BD8:/tmp/home/root# netstat -nlp | grep -E ":80"
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2121/nginx: master
tcp 0 0 :::80 :::* LISTEN 2121/nginx: master
 
Check that your rules are properly applied, with "iptables -L INPUT -vn".

Make sure your public IP isn't CGNAT, and that you aren't double NATed. Also, some ISPs might block well known service ports such as 80,443,25, etc...
 
RMerlin said:
Check that your rules are properly applied, with "iptables -L INPUT -vn".

Make sure your public IP isn't CGNAT, and that you aren't double NATed. Also, some ISPs might block well known service ports such as 80,443,25, etc...
Click to expand...
Henk-J said:
Yes it works, it even shows my costum index.html

Started with 80 only:

admin@RT-AX82U-4BD8:/tmp/home/root# netstat -nlp | grep -E ":80"
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2121/nginx: master
tcp 0 0 :::80 :::* LISTEN 2121/nginx: master
Click to expand...
Solved: I had portforwarding configured. Overlooked it
 
Can you expand on that a bit for the ignorant? You don't need port forwarding in this case, and it interfered? Is this NGINX server upstream of the firewall?
 
I had port forwarding configured a very looong time ago, forwarded port 80/443, to an internal ip, and completly forgot all about it.
 
You must log in or register to reply here.

Similar threads

GShlomi
Sharing my DualWan with port forwarding and DDNS experience
Replies
0
Views
146
GShlomi
GShlomi
G
VPN Client with Public IP, split tunnel web server over VPN and other traffic not on the VPN
Replies
4
Views
408
Grefyne
G
R
One router, two segments desired.
Replies
4
Views
397
Rombo
R
PaulA
Port isolation on RT-AX88U-Pro (router) w/ Merlin w/ Tagged internet ISP
Replies
1
Views
296
PaulA
PaulA
H
Port Forwarding Over WireGuard Connection?
2
Replies
22
Views
2K
houmi
houmi
Similar threads
Thread starter Title Forum Replies Date
fffddd URL filtering in the firewall does not take effect Asuswrt-Merlin 7
G Feature request: firewall url filter log Asuswrt-Merlin 0
B Firewall lan - vpn? Asuswrt-Merlin 0
John Tetreault How to open ipv6 firewall to a port on the router? Asuswrt-Merlin 4
C Port Forwarding and Firewall - not working as I expect Asuswrt-Merlin 4
C IPv4 Firewall/Port-Forwarding - Appear to be the same thing on Asuswrt Asuswrt-Merlin 4
colourofsound Asus-Merlin Firewall Asuswrt-Merlin 24
S Cannot ping/skynet will not work while Firewall is Enabled. Asuswrt-Merlin 2
M Firewall rule to allow only a specific domain name Asuswrt-Merlin 13
H Does firewall-start Script Ever Run Twice With Same iptables Rules? Asuswrt-Merlin 13

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 902 (members: 23, guests: 879)
Top