Any Firewall experts out here? Got stuck on some OpenWrt firewall stuff.
Discussion
Thought first you are stuck in LA.
what's your OpenWRT issue nostr:npub1hw6amg8p24ne08c9gdq8hhpqx0t0pwanpae9z25crn7m9uy7yarse465gr?
I have a GL.INET MT-3000 router that runs OpenWrt 21. I have added a loopback/hairpin NAT rule that forwards a fixed ip (198.168.21.21:2121) to a service running on the router port 3334. That works.
However, I when i add OpenNDS (captive portal package) I want to also allow this IP for preauthenticated users. The weird thing is that with the manufacturer's version of OpenWRT i can't get it to work, but when using a vanilla (OpenWRT 23.x) it does work. I can't figure out where the difference is and how to fix it.
okay understood. do you think that it could have something to do with DNS rebinding? have you investigated that as yet?
I'm not familiar with DNS rebinding, so no. I'm not doing anything DNS related though either. Or am i misinterpreting you now?
If it is a private IP/local network IP, there is a possibility that it could still be affected. Check between the two versions (the version that works and the version that does not work) and see if such a setting exists; and whether or not it is toggled between on and off in either version.
Interesting! i'll check that out, i did find this in the meanwhile!
https://forum.openwrt.org/t/dns-rebind-attack/39141
So i'll check those same logs to see if that's what's happening to me too!
that’s right, I have same router, the manufacturer version is forked China trash fire, only use openwrt image
I don't think that we misinterpreted each other. It is all good. Quick question though: the pre authenticated users are coming from the outside right?