I have looked through multiple threads on how to fix the port forwarding issues with the code script, however, I have tried all of the suggested ones and none of them have worked.
I have a Linksys E3000 running the v24-sp2 build 15962, and I've been using the portforward.com portforward checker software to verify my ports being open, and so far it doesn't seem like any of them is working.
Any advice would be awesome. Also, if you need anymore information from me, I will gladly provide them.
Posted: Thu Jul 18, 2013 20:39 Post subject: Works on Build 18874 (Asus RT-N16 )
Thanks for working that out and posting. My vendor (FlashRouters) delivered the Asus RT-N16 with the earlier build and NAT Loopback was not available -- a real showstopper.
under Firewall settings. This is a basic feature that I use very often. Not sure why some people still come up with outdated fixes fro something that ain't broken. _________________ KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
under Firewall settings. This is a basic feature that I use very often. Not sure why some people still come up with outdated fixes fro something that ain't broken.
Thanks for the quick reply. This option IS turned off in the GUI yet I still have the issue. What else might cause this?
under Firewall settings. This is a basic feature that I use very often. Not sure why some people still come up with outdated fixes fro something that ain't broken.
Thanks for the quick reply. This option IS turned off in the GUI yet I still have the issue. What else might cause this?
Probably something in your current setup vpn, bridges etc. Start with a simple config and you will see it works that way.
I did a quick test using netcat and I can confirm it works in a standard setup, what I did:
1. Create forward rule to port 5000 on my current machine
2. Open up a simple telnet server on port 5000 with netcat "nc -l -t -p 5000
3. Connect with putty protocol telnet port 5000 to localhost -> works
under Firewall settings. This is a basic feature that I use very often. Not sure why some people still come up with outdated fixes fro something that ain't broken.
Ain't broken? In a pre-19969 build?
I start with factory defaults on my Buffalo HP-G300NH, built off r19484. I can initially see the DD-WRT UI on the WAN IP from both inside and outside. I change *only* one thing: add a port forwarding rule. I can now see my server from the outside, but not from the inside. The option you mention is disabled by default, though I tried both states.
If that's "ain't broken" then what is it? It sure ain't workin'.
Posted: Sun Oct 06, 2013 4:38 Post subject: Re: NAT Loopback (port forwarding) fix for builds 15760-1996
Just bought a new Buffalo WHR-300HP with DD-WRT "v24SP2-MULTI (07/05/12) std (SVN revision 19438)" (Buffalo's "Pro" dd-wrt firmware) and loopback was disabled. The code below worked.
phuzi0n wrote:
Save the following commands to the Firewall Script on the Administration->Commands page to fix loopback.
insmod ipt_mark
insmod xt_mark
iptables -t mangle -A PREROUTING -i ! `get_wanface` -d `nvram get wan_ipaddr` -j MARK --set-mark 0xd001
iptables -t mangle -A PREROUTING -j CONNMARK --save-mark
iptables -t nat -A POSTROUTING -m mark --mark 0xd001 -j MASQUERADE
Yah, I can test my Minecraft server locally again! I haven't seen any negative side affects, but will report back if I do.
Posted: Thu Jun 12, 2014 22:31 Post subject: Re: NAT Loopback (port forwarding) fix for builds 15760-1996
phuzi0n wrote:
NAT loopback is once again working since build 19969. This fix should only be needed for builds between 15760-19969.
I spent some time thinking about the best way to fix loopback. Despite some bad documentation throwing me off before, I found that it's possible to mark traffic destined to the WAN IP and then only masquerade the marked traffic. This should allow loopback to work for all local interfaces without causing problems when ebtables is loaded.
Save the following commands to the Firewall Script on the Administration->Commands page to fix loopback.
insmod ipt_mark
insmod xt_mark
iptables -t mangle -A PREROUTING -i ! `get_wanface` -d `nvram get wan_ipaddr` -j MARK --set-mark 0xd001
iptables -t mangle -A PREROUTING -j CONNMARK --save-mark
iptables -t nat -A POSTROUTING -m mark --mark 0xd001 -j MASQUERADE
If you have a block of static IP's using 1:1 NAT then you also need to add another iptables rule to cover your IP block. Edit the bolded netblock to be your static IP block and add the rule before the CONNMARK rule.
iptables -t mangle -A PREROUTING -i ! `get_wanface` -d 1.1.1.0/24 -j MARK --set-mark 0xd001
Just and FYI: This fix worked for those having NAT loopback issues with OpenVPN. I'm running build 18777 on a Netgear WNDR4000. When not running the VPN, I don't have a loopback problem. However, when I turn it on, the error comes up. I plugged in phuzi0n's fix, and it works! I had to add the additional line to cover all my internal ip addresses, but it fixed it for me. Thanks phuzi0n!