HomeForumsOpen-Source SoftwareCoovaAP Firmware

prerouting through coova

Fri, 03/28/2008 - 00:47 — TheFourthHorseman

So I have a bridge off the coova. It's dd-wrt running in AP mode. It runs well enough, and when I'm logged into the internal network I have access to the bridge at 10.1.0.200.

However, I want to access the bridge from outside the network. So I tried to use a prerouting command in iptables such as this:

iptables -t nat -I PREROUTING 1 -p tcp --dport 8080 -j DNAT --to 10.1.0.200:80

So when I access coova on say 1.2.3.4:8080 where coova ip is 1.2.3.4 and im accessing on port 8080 to try to hie gui access, then i should be forwarded to the gui interface on port 80 at 10.1.0.200.

However, that is not happening. The coova refuses to forward into the network. I've tried to open every port for 8080, i've tried different ports randomly such as 8001, 12345, etc... but it just won't work.

I know the prerouting command works because i tried it out on a different system and routed myself to google. I've also used the same prerouting to forward DNS and SMTP requests through coova to a different system.

The bridge is all set up via WDS with an ip and so forth. If I'm on the coova unit it's connected to I can see it, and I can grab the html index page via the wget command, so I have port 80 access to the gui from coova. I just can't get there from outside.

Any thoughts?

‹ Coova AP Restore does not restore hs_radconf_url completly Chilli bottleneck? ›
Sat, 03/29/2008 - 21:48 — TheFourthHorseman

Re: prerouting through coova

I just don't know what to do with this thing. I've tried every conceivable way to force the data to go to the gui on the internal bridge, but my router doesn't seem to be sending.

I might shoo tit, but i'm still debating that solution because I don't think it will actually solove anything. heh

Fri, 03/28/2008 - 17:29 — TheFourthHorseman

Re: prerouting through coova

well it's like this.

hotspot internal = 10.0.0.0
external = 192.168.0.94

what im aiming for is coming into the outside ip on a different port. http://192.168.0.94:8001" target="_blank for example. Then forwarding that requests to the 10.1.0.200 ip of the bridge.

The bridge ip is acting as a client on the network obviously. It's not just a client bridge but a full AP bridge with a different ssid and everything. I need to be able to access the bridge from outside the network for administration purposes.

Using the prerouting rule I would think that this should not be a problem, but obviously the system is making it a problem and I don't see how/why.

Fri, 03/28/2008 - 15:16 — david

Re: prerouting through coova

What interface is set to 10.1.0.200? In general, chilli doesn't route traffic from the wan side into the subscriber network. But, if you are trying to access a local web server, it should be possible if you stay away from the chilli/dhcpif network :)