Sizzlechest
Regular Contributor
I have an X4S router with Voxel's V1.0.2.43SF firmware. I'd like to do the following: Forward traffic from WAN port 443 to port 5000 on 192.168.1.100 BUT ONLY for a specific source IP range. Setting up 443:192.168.1.100:5000 port forwarding (from all IP addresses) can be done from the GUI. I'm assuming what I want can be done through a set of "iptables" commands. I know how to implement the commands so they get executed whenever the router boots, but I'm not adept enough with iptables to figure out which ones will do what I want.
Instead of getting the forwarding rule to be limited, I tried to limit port 443 to only the range:
iptables -A INPUT -p tcp --dport 443 -s XXX.YYY.0.0/17 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j DROP
These rules have no effect on 443.
EDIT: Do I have to restart some service for these rules to take effect? Should these be inserted at the top of the list of rules for the INPUT chain?
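Added example, not part of the original post: a port-forwarded packet is rewritten (DNAT) in the nat PREROUTING chain and then passes through FORWARD, not INPUT, so the source restriction has to match the post-DNAT destination 192.168.1.100:5000 in FORWARD. The sketch below prints such a rule for review; it assumes the GUI forward 443:192.168.1.100:5000 is in place, and the WAN interface name and the sample range are placeholders, not values from the post or the firmware.

```shell
#!/bin/sh
# Added example. Assumptions: the GUI port forward already exists; the WAN
# interface name is passed in by the caller (check it with "ip addr").
LAN_HOST=192.168.1.100
LAN_PORT=5000

# Accept only a.b.c.d/len with octets 0-255 and len 0-32, so nothing else
# can end up inside the generated command line.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case "$addr" in ''|*[!0-9.]*) return 1 ;; esac
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ -n "$o" ] || return 1
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# $1 = WAN interface, $2 = allowed source range.
# -I puts the rule at the top of FORWARD, ahead of the accept rule that the
# firmware adds for the forward; everything outside the range is dropped.
forward_rule() {
    valid_cidr "$2" || { echo "bad CIDR: $2" >&2; return 1; }
    echo "iptables -I FORWARD -i $1 -p tcp ! -s $2 -d $LAN_HOST --dport $LAN_PORT -j DROP"
}

# Dry run: print the command when called as "script.sh <wan-if> <cidr>".
if [ $# -eq 2 ]; then forward_rule "$1" "$2"; fi
```

After applying the printed command on the router, the packet counters shown by `iptables -L FORWARD -v -n` tell whether the rule is matching.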