160ad641ce
- Web app (Flask): status, config, firewall, logs, users, restart - Docs: AT commands, deploy, DNS, quickstart, web GUI - Scripts: connect, deploy, diag, healthcheck, modem-status, speedtest, status, troubleshoot - Init and iptables: 5g-router, 5g-webgui, rules.v4 - CHANGELOG, TODO, REVISION; config and README updates
25 lines
755 B
Plaintext
25 lines
755 B
Plaintext
# Alpine 5G Router – iptables rules (IPv4)
|
||
# Restored at boot by iptables-restore service. Generated/updated by connect-5g.sh or install.
|
||
# Ensure 5G WAN interface is eth1 and LAN is eth0.100; adjust if different.
|
||
|
||
*filter
|
||
:INPUT ACCEPT [0:0]
|
||
:FORWARD ACCEPT [0:0]
|
||
:OUTPUT ACCEPT [0:0]
|
||
# Allow web GUI (port 5000) from eth0 (management access)
|
||
-A INPUT -i eth0 -p tcp --dport 5000 -j ACCEPT
|
||
# Allow LAN -> WAN (5G)
|
||
-A FORWARD -i eth0.100 -o eth1 -j ACCEPT
|
||
# Allow established/related WAN -> LAN
|
||
-A FORWARD -i eth1 -o eth0.100 -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||
COMMIT
|
||
|
||
*nat
|
||
:PREROUTING ACCEPT [0:0]
|
||
:INPUT ACCEPT [0:0]
|
||
:OUTPUT ACCEPT [0:0]
|
||
:POSTROUTING ACCEPT [0:0]
|
||
# NAT LAN traffic going out 5G
|
||
-A POSTROUTING -o eth1 -j MASQUERADE
|
||
COMMIT
|