firewall rules, temporarily disabled until I get them working # each port forward needs corresponding forward in the vpn server #http/https config redirect option name bittorrent option src vpn option src_dport 63324 option dest_ip 192.168.1.2 option dest lan # making the port open (not sure if this is actually needed) config rule option src vpn option target ACCEPT option dest_port 63324 config redirect option name kdsyncthing option src vpn option src_dport 22000 option dest_ip 192.168.1.2 option dest lan option proto tcp config rule option src vpn option target ACCEPT option dest_port 22000 config redirect option name bithtpc option src vpn option src_dport 63325 option dest_ip 192.168.1.4 option dest lan config rule option src vpn option target ACCEPT option dest_port 63325 #### begin rules for nfs #### # https://serverfault.com/questions/377170/which-ports-do-i-need-to-open-in-the-firewall-to-use-nfs # https://wiki.debian.org/SecuringNFS # I had no /etc/default/quota, or any process named quota anything, # so, assumed that was unneeded. seems to work. config redirect option src wan option src_dport 111 option dest_ip 192.168.1.2 option dest lan config rule option src wan option target ACCEPT option dest_port 111 config redirect option src wan option src_dport 2049 option dest_ip 192.168.1.2 option dest lan config rule option src wan option target ACCEPT option dest_port 2049 config redirect option src wan option src_dport 32764 option dest_ip 192.168.1.2 option dest lan config rule option src wan option target ACCEPT option dest_port 32764 config redirect option src wan option src_dport 32765 option dest_ip 192.168.1.2 option dest lan config rule option src wan option target ACCEPT option dest_port 32765 config redirect option src wan option src_dport 32766 option dest_ip 192.168.1.2 option dest lan config rule option src wan option target ACCEPT option dest_port 32766 config redirect option src wan option src_dport 32767 option dest_ip 192.168.1.2 option dest lan config rule option src wan option target ACCEPT option dest_port 32767 config redirect option src wan option src_dport 32768 option dest_ip 192.168.1.2 option dest lan config rule option src wan option target ACCEPT option dest_port 32768 #### end rules for nfs #### config redirect option name mariadb option src wan option src_dport 3306 option dest lan option dest_ip 192.168.1.2 option proto tcp config rule option src wan option target ACCEPT option dest_port 3306 option proto tcp