Port_Forwards.md 3.2 KB

Port Forwarding

What is port forwarding?

Technically, port forwarding is the use of Network Address Translation (NAT) to map an IP address and port number to another IP address and port number. Typically you need this function to be able to expose a service running our your local network (LAN) to the Internet (WAN) which otherwise would be impossible because your LAN uses private, non-routable IP addresses; for example, if you are trying to run a gaming server or a Web page server from your home network.

Security Warnings

Be aware that the use of port forwarding may create additional security holes into your local network. The local system(s) and service(s) you are exposing to the Internet must be free from security vulnerabilities, or this may allow a remote attacker to infiltrate your network.

LuCi Interface

  • Log into the LuCi Web interface, which by default is at address https://192.168.10.1

  • Select the Network >> Firewall menu.

alt text

  • Select the Port Forwards tab.

alt text

  • Under the New Port forward section, enter in the Name field a brief description of the port forward, e.g., "HTTP server" for an unencrypted Web page server.

  • Select a protocol from the Protocol field. Most services you can run will be using the TCP protocol, but you can select TCP+UDP if you aren't sure.

  • Usually, you will leave the External zone set to wan.

  • Enter a port number in the External port field. Typically this will be the usual port number expected for a particular service. E.g., HTTP servers use port 80. You are free to use non-standard ports, but your remote clients may need to use special techniques to connect to the correct port.

  • Usually, you will leave the Internal zone set to lan.

  • Select an IP address in the Internal IP address drop down menu. If your server is using DHCP, you should see its hostname appear in the list. If your server is has it's private IP address set statically, select the Custom option at the bottom of the list, and enter in the correct IP address in the text field that appears. Note that if your server is using DHCP, you should be sure LibreCMC has a static lease created for it (TODO: link to Static Leases documentation).

  • Enter a port number in the Internal port field. Typically this will be the same as the external port, unless you have set your server to work through a non-standard port, or you selected a non-standard external port earlier.

alt text

  • Press the Add button to the right.

  • Press the Save & Apply button at the bottom of the page.

alt text

Port Numbers

The official IANA port number list is available at

[https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml]

Port Range

(TODO: option for configuring a range of ports simultaneously)