[plug] IPTables question

Byron Hammond byronester at gmail.com
Thu Oct 23 14:07:52 AWST 2025


First, let me thank James Henstridge for all the recent work on plug
infrastructure, upgrading and migrating software. Thankless work imo. Until now. Thanks! :D
I personally enjoy reading the commit messages and commits. Interesting.

Onto the topic of the post...
*Context/Background:* I have a high-end consumer-grade Asus wifi router
(GT-AX6000). It runs AsusWRT, a fork of OpenWRT I believe. I'm using the web
interface to set up port forwarding to an internal server.

*The Problem:* The packets forwarded to the internal server from the router
have a source IP of the router, which causes problems for my fail2ban
setup, which effectively bans the router instead of the real source IP.

I have confirmed this by checking the logs of the application server
running on the internal server. I have also done various packet captures
using tcpdump and all packets reaching the application have a source IP of
the router, instead of the original source IP from the original incoming
packet to the router.

Is this a NAT problem? I have SSH access to the router and have looked at
the iptables chains but it's been a long time since I've used iptables and
could frankly do with a little bit of help.

I'd prefer not to be posting firewall specifics to this list because of the
public nature of this list.

Happy to provide specifics otherwise, like `iptables -t nat -L` or whatever
else.

Halp! :D
Thanks
Byron