jk0.org » OpenWRT and Public IPs

OpenWRT and Public IPs

February 10, 2007

Here is yet another quick tip for all of the OpenWRT users out there: How to set up your router to handle public IPs over a bridge provided by your ISP.

First, add all of the static routes:

route add xxx.xxx.xxx.73 dev br0
route add xxx.xxx.xxx.74 dev br0
route add xxx.xxx.xxx.75 dev br0
route add xxx.xxx.xxx.76 dev br0
route add xxx.xxx.xxx.77 dev br0
route add xxx.xxx.xxx.78 dev br0
route add xxx.xxx.xxx.79 dev br0

We then need to enable a few options:

echo 1 > /proc/sys/net/ipv4/conf/vlan1/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/br0/proxy_arp
echo 0 > /proc/sys/net/ipv4/conf/default/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore

Remember to copy all of these rules into your network init script (/etc/init.d/S40network).

Lastly, we will need to edit your firewall ruleset. Open the file (vi /etc/init.d/S35firewall) and look for the line that says:

iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE

Change that to:

iptables -t nat -A POSTROUTING -o $WAN -s 192.168.1.0/24 -j MASQUERADE

From there I suggest rebooting the system to make sure all changes have taken effect. You should then be able to start handing out your public IPs to machines in your LAN.