<div dir="ltr">Hi Everyone,<div><br></div><div>I was wondering if anyone could help solve a problem I'm having with port forwarding on a Tomato router set up to connect to a NAS via rsync and another computer via ssh. Any help would be greatly appreciated. Here's where I am at now:</div>
<div><br></div><div>Tomato v1.28.0000 MIPSR2-106 K26 USB Mega-VPN</div><div><div>root@Rorty:/tmp/home/root# ip route show</div><div>10.3.12.1 dev ppp0 proto kernel scope link src 173.234.144.211 </div><div>207.210.24.1 dev vlan2 scope link </div>
<div>173.234.144.194 via 207.210.24.1 dev vlan2 </div><div>192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1 </div><div>207.210.24.0/22 dev vlan2 proto kernel scope link src 207.210.24.187 </div>
<div>127.0.0.0/8 dev lo scope link </div><div>default dev ppp0 scope link </div><div>default via 207.210.24.1 dev vlan2 </div><div>root@Rorty:/tmp/home/root# iptables -L</div><div>Chain INPUT (policy DROP)</div>
<div>target prot opt source destination </div><div>ACCEPT all -- anywhere anywhere </div><div>ACCEPT all -- anywhere anywhere </div><div>
ACCEPT all -- anywhere anywhere </div><div>ACCEPT all -- 0.0.0.0/24 anywhere </div><div>DROP all -- anywhere wan-ip.rjonasz.org </div>
<div>DROP all -- anywhere anywhere state INVALID </div><div>ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED </div><div>shlimit tcp -- anywhere anywhere tcp dpt:ssh state NEW </div>
<div>ACCEPT all -- anywhere anywhere </div><div>ACCEPT all -- anywhere anywhere </div><div>ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc </div>
<div>ACCEPT tcp -- anywhere anywhere tcp dpt:ssh </div><div><br></div><div>Chain FORWARD (policy DROP)</div><div>target prot opt source destination </div><div>TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU </div>
<div>ACCEPT all -- anywhere anywhere </div><div>ACCEPT all -- anywhere anywhere </div><div>TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU </div>
<div>ACCEPT all -- anywhere anywhere </div><div>ACCEPT all -- anywhere anywhere </div><div>TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU </div>
<div>ACCEPT all -- anywhere anywhere </div><div>ACCEPT all -- anywhere anywhere </div><div>TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU </div>
<div>ACCEPT all -- 0.0.0.0/24 anywhere </div><div>ACCEPT all -- anywhere 0.0.0.0/24 </div><div> all -- anywhere anywhere account: network/netmask: 192.168.1.0/255.255.255.0 name: lan </div>
<div>ACCEPT all -- anywhere anywhere </div><div>DROP all -- anywhere anywhere state INVALID </div><div>TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU </div>
<div>ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED </div><div>wanin all -- anywhere anywhere </div><div>wanout all -- anywhere anywhere </div>
<div>ACCEPT all -- anywhere anywhere </div><div><br></div><div>Chain OUTPUT (policy ACCEPT)</div><div>target prot opt source destination </div><div>ACCEPT all -- anywhere anywhere </div>
<div>ACCEPT all -- anywhere anywhere </div><div>ACCEPT all -- anywhere anywhere </div><div>ACCEPT all -- anywhere 0.0.0.0/24 </div>
<div><br></div><div>Chain shlimit (1 references)</div><div>target prot opt source destination </div><div> all -- anywhere anywhere recent: SET name: shlimit side: source </div>
<div>DROP all -- anywhere anywhere recent: UPDATE seconds: 60 hit_count: 4 name: shlimit side: source </div><div><br></div><div>Chain wanin (1 references)</div><div>target prot opt source destination </div>
<div>ACCEPT tcp -- anywhere 192.168.1.11 tcp dpt:ssh </div><div>ACCEPT udp -- anywhere 192.168.1.11 udp dpt:ssh </div><div>ACCEPT tcp -- anywhere ix2-200-TI85JF.rjonasz.org tcp dpt:rsync </div>
<div>ACCEPT udp -- anywhere ix2-200-TI85JF.rjonasz.org udp dpt:rsync </div><div><br></div><div>Chain wanout (1 references)</div><div>target prot opt source destination </div>
<div>root@Rorty:/tmp/home/root# iptables -t nat -L </div><div>Chain PREROUTING (policy ACCEPT)</div><div>target prot opt source destination </div><div>WANPREROUTING all -- anywhere wan-ip.rjonasz.org </div>
<div>DROP all -- anywhere 192.168.1.0/24 </div><div><br></div><div>Chain POSTROUTING (policy ACCEPT)</div><div>target prot opt source destination </div>
<div>SNAT tcp -- 192.168.1.0/24 192.168.1.11 tcp dpt:ssh to:207.210.24.187 </div><div>SNAT udp -- 192.168.1.0/24 192.168.1.11 udp dpt:ssh to:207.210.24.187 </div>
<div>SNAT tcp -- 192.168.1.0/24 ix2-200-TI85JF.rjonasz.org tcp dpt:rsync to:207.210.24.187 </div><div>SNAT udp -- 192.168.1.0/24 ix2-200-TI85JF.rjonasz.org udp dpt:rsync to:207.210.24.187 </div>
<div>MASQUERADE all -- anywhere anywhere </div><div>MASQUERADE all -- anywhere anywhere </div><div>MASQUERADE all -- anywhere anywhere </div><div>
MASQUERADE all -- anywhere anywhere </div><div><br></div><div>Chain OUTPUT (policy ACCEPT)</div><div>target prot opt source destination </div><div><br></div><div>Chain WANPREROUTING (1 references)</div>
<div>target prot opt source destination </div><div>DNAT icmp -- anywhere anywhere to:192.168.1.1 </div><div>DNAT tcp -- anywhere anywhere tcp dpt:2222 to:192.168.1.11:22 </div>
<div>DNAT udp -- anywhere anywhere udp dpt:2222 to:192.168.1.11:22 </div><div>DNAT tcp -- anywhere anywhere tcp dpt:rsync to:192.168.1.8:873 </div>
<div>DNAT udp -- anywhere anywhere udp dpt:rsync to:192.168.1.8:873 </div><div><br></div><div style>Thanks,</div><div style><br></div><div style>Randy</div>
</div></div>