Skip to content
/ openwrt-fullconenat Public

Netfilter and iptables extension for full cone NAT ported to OpenWrt

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lxz1104/openwrt-fullconenat

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

files

files

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

Repository files navigation

Netfilter and iptables extension for FULLCONENAT target ported to OpenWrt.

This repository is base on openwrt-fullconenat and LEDE, it has beeen adapted to OpenWrt v22.03.3

Compile

# cd to OpenWrt source path
# Clone this repo
git clone -b main --single-branch https://github.com/lxz1104/openwrt-fullconenat package/fullconenat
# Select Network -> Firewall -> iptables-mod-fullconenat
make menuconfig
# Compile
make V=s

Usage

You can apply this patch to OpenWrt's Firewall3 (Recommended).

Or manually add the following rules to /etc/firewall.user

iptables -t nat -A zone_wan_prerouting -j FULLCONENAT
iptables -t nat -A zone_wan_postrouting -j FULLCONENAT

Workaround for conflicting with module nf_conntrack_netlink

This module uses conntrack events to register a callback function. In the same netns, only one callback method can be registered, that causes conflicts with nf_conntrack_netlink, which also uses conntrack events. Qualcomm Shortcut FE has introduced a patch to allow multiple callbacks to be registered. To apply, put this patch into target/linux/generic/hack-4.14.

About

Netfilter and iptables extension for full cone NAT ported to OpenWrt

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages