Re: [gentoo-user] [OT] Router for ssh tunnel/SOCKS proxy

["Boyd Stephen Smith Jr." <bss03@volumehost.net>]

[-- Attachment #1: Type: text/plain, Size: 2699 bytes --]

On Saturday 06 January 2007 04:06, Mick <michaelkintzios@gmail.com> wrote 
about 'Re: [gentoo-user] [OT] Router for ssh tunnel/SOCKS proxy':
> On Saturday 06 January 2007 04:32, Boyd Stephen Smith Jr. wrote:
> > On Friday 05 January 2007 15:44, Etaoin Shrdlu
> > <shrdlu@unlimitedmail.org>
> >
> > wrote about 'Re: [gentoo-user] [OT] Router for ssh tunnel/SOCKS proxy':
> > > On Friday 5 January 2007 21:25, Mick wrote:
> > > > I just want to
> > > > securely connect to my router at home while I am out & about using
> > > > public wifi hot spots and thereby to be able to connect to the
> > > > internet using my ISP for browsing & email.  The only ports I
> > > > should need to forward via ssh to the router/server are those
> > > > serving http/https for browsing and 110/995/143/25/587 for email.
> > > If I understand correctly then, you need ssh (and a public IP
> > > address) running on the router.
> > Or you could forward X over the ssh tunnel, and run your web browser
> > on your router. >:)
> Thanks, I also thought of running FreeNX on the router, if only the
> router were capable of running apps.  It seems that openwrt is not
> (yet?) covering the netgear DG834.  The wireless version DG834G is shown
> as WIP on the openwrt website.  I'll keep an eye on it, or one day
> upgrade my router.

There may be another project out there that works with your router -- I 
know there was one specifically targeting D-Links for a while... search 
around.  You might also see if anyone has tested OpenWRT on your firmware, 
WIP might mean that it just takes some massaging (which could mean 
anything from a few minor config file changes, to a custom build of 
Kamikaze), but is still available an an option.

> > While there has been some work done on a web interface, it's not a
> > priority for the core OpenWRT team.  For me, manging my router from a
> > command prompt worked better anyway.
>
> How do you set firewall rules using opewrt?  Through a script?

Well, you can use the WIP web interface, or you can get a shell and edit 
the firewall rules.  It's standard linux, so you can use iptables directly 
for simple one-off changes that last until you reboot.  IIRC, there is 
also an /etc/init.d/20firewall script that reads iptables rules out 
of /etc/firewall or somesuch.  (Haven't messed with the OpenWRT since I 
moved in May.)  I believe shorewall is also available as an ipkg from the 
WRT developers.

-- 
"If there's one thing we've established over the years,
it's that the vast majority of our users don't have the slightest
clue what's best for them in terms of package stability."
-- Gentoo Developer Ciaran McCreesh

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]