When {Puffy} Meets ^RedDevil^: OpenWRT: Allow SSH Access On WAN Interface

Wednesday, April 15, 2009

OpenWRT: Allow SSH Access On WAN Interface

Here's the quick way to allow SSH Access for WAN interface on OpenWRT, I configure my ssh to run on port 12345 instead of 22 to avoid automated probes from internet using the web interface, then just run this in the terminal -

shell>/usr/sbin/iptables -I INPUT 1 -p tcp --dport 12345 -j LOG

shell>/usr/sbin/iptables -I INPUT 1 -p tcp --dport 12345 -j ACCEPT

To check if it loads properly -

shell>/usr/sbin/iptables -L | grep 12345
LOG tcp -- anywhere anywhere tcp dpt:12345 LOG level warning
ACCEPT tcp -- anywhere anywhere tcp dpt:12345

To make sure it survives reboot -

shell>nvram set rc_firewall="/usr/sbin/iptables -I INPUT 1 -p tcp --dport 12345 -j LOG"

shell>nvram set rc_firewall="/usr/sbin/iptables -I INPUT 1 -p tcp --dport 12345 -j ACCEPT"

shell>nvram commit

Thanks to the link here.

Done!

Cheers (;])

2 comments:

Anonymous said...: This comment has been removed by a blog administrator.; 4/15/2009 01:38:00 PM
Anonymous said...: This comment has been removed by a blog administrator.; 4/15/2009 08:18:00 PM

When {Puffy} Meets ^RedDevil^

Wednesday, April 15, 2009

OpenWRT: Allow SSH Access On WAN Interface

2 comments:

About Me

Blog Archive

NSM Alliance

HeX Alliance

HITB Alliance

MYOSS Alliance

Honeynet Alliance

Bro Zone

BSD Ports