From b61fd707efdbe0622db6ab525a900378a48113f9 Mon Sep 17 00:00:00 2001
From: mbm <mbm@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Wed, 25 May 2005 02:51:57 +0000
Subject: *** empty log message ***

git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@1055 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 target/default/target_skeleton/etc/init.d/S45firewall | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'target/default')

diff --git a/target/default/target_skeleton/etc/init.d/S45firewall b/target/default/target_skeleton/etc/init.d/S45firewall
index a50663725..bdb485936 100755
--- a/target/default/target_skeleton/etc/init.d/S45firewall
+++ b/target/default/target_skeleton/etc/init.d/S45firewall
@@ -16,10 +16,18 @@ iptables -N forwarding_rule
 iptables -t nat -N prerouting_rule
 iptables -t nat -N postrouting_rule
 
+### Allow SSH from WAN
+# iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j ACCEPT 
+# iptables        -A input_rule      -i $WAN -p tcp --dport 22 -j ACCEPT
+
 ### Port forwarding
 # iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j DNAT --to 192.168.1.2
 # iptables        -A forwarding_rule -i $WAN -p tcp --dport 22 -d 192.168.1.2 -j ACCEPT
 
+### DMZ (should be placed after port forwarding / accept rules)
+# iptables -t nat -A prerouting_rule -i $WAN -j DNAT --to 192.168.1.2
+# iptables        -A forwarding_rule -i $WAN -d 192.168.1.2 -j ACCEPT
+
 ### INPUT
 ###  (connections with the router as destination)
 
-- 
cgit v1.2.3