Allow a redirect like:
config redirect
option src 'wan'
option dest 'lan'
option src_dport '22001'
option dest_port '22'
option proto 'tcp'
note the absence of the "dest_ip" field, meaning to terminate the connection on the firewall itself.
This patch makes three changes:
(1) moves the conntrack module into the conntrack package (but not any of the conntrack_* helpers).
(2) fixes a bug where the wrong table is used when the "dest_ip" field is absent.
(3) accepts incoming connections on the destination port on the input_ZONE table, but only for DNATted
connections.
In the above example,
ssh -p 22 root@myrouter
would fail from the outside, but:
ssh -p 22001 root@myrouter
would succeed. This is handy if:
(1) you want to avoid ssh probes on your router, or
(2) you want to redirect incoming connections on port 22 to some machine inside your firewall, but
still want to allow firewall access from outside.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
SVN-Revision: 26617
These patches were submitted to netdev and will likely be out in 2.6.38.3.
In the meantime, they're needed in 2.6.37.6.
Patch by Philip Prindeville
SVN-Revision: 26616
Currently the device id in the platform driver is hardcoded to an
id which is specific to AR9130/AR9132 SOCs as it supports only wmac
(wireless mac) of these SOCs. But this needs to be dynamic when we
want to support different wmac of SOCs. So add id_table to driver to
make it extendable to more SOCs.
Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com>
SVN-Revision: 26604
Add support for the Buffalo WZR-HP-G301NH. The only difference between it
and the WZR-HP-G00NH is that it has a RTL8366RB instead of a RTL8366S.
Since we don't do runtime detection of the switch, we need a separate
machine definition for it.
While we are at it, also rename the profile to reflect that it now is for
more than one device.
Signed-off-by: Jonas Gorski <jonas.gorski+openwrt@gmail.com>
SVN-Revision: 26601
Since the PHY driver is only used for the WAN port and there is virtually
no difference between it and the generic PHY driver, we can sefely remove
it.
Signed-off-by: Jonas Gorski <jonas.gorski+openwrt@gmail.com>
SVN-Revision: 26600
* Some module should be loaded later to load them after the modules they are depending on
* add some more missing config symbols
* make CS5535 build again
SVN-Revision: 26570
Add a bundle for including commonly useful modules for IPtables debugging and development.
For now, it just contains xt_TRACE.ko
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
SVN-Revision: 26567
