In the firewall configuration that ships with OpenWrt (10.03.1), in the
"lan" zone, why is "option forward REJECT" and not "option forward ACCEPT"?
I think "option forward REJECT" interferes with static routes. If you
configure a static route with "interface lan" then OpenWrt can
communicate with devices via this route and vice versa, but devices in
the "lan" zone can't communicate with devices via this route
e.g.
#### LAN configuration
config interface lan
option type bridge
option ifname "eth0.0"
option proto static
option ipaddr 192.168.1.1
option netmask 255.255.255.0
config route
option interface lan
option gateway 192.168.1.2
option netmask 255.255.255.0
option target 192.168.2.0
OpenWrt can communicate with a device 192.168.2.2 and vice versa, but a
device 192.168.1.3 can't communicate with 192.168.2.2. 192.168.2.2 isn't
in the same network as 192.168.1.3 so 192.168.1.3 sends packets to the
default gateway (OpenWrt, 192.168.1.1). OpenWrt should forward packets
via the static route to 192.168.1.2, but instead it rejects them
In the configuration that ships with OpenWrt (10.03.1), why is "option
forward REJECT" and not "option forward ACCEPT"?
_______________________________________________
openwrt-users mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-users
