WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

PORT FORWARDING WITH UCI COMMANDS

0 votes
910 views 0 comments
by anonymous
Hello,

I'm trying to automate the port forwarding with UCI Commands.

I need to add the two rules that you see in the attached file "two new rules portforwarding".

Now I'm using the following two lists of commands (but in some cases the router is not updated):

commandFirewall_occp_server = {

   1: 'uci set firewall.DMZ=redirect',

   2: 'uci set firewall.DMZ.src=wan',

   3: 'uci set firewall.DMZ.target=DNAT',

   4: 'uci set firewall.DMZ.dest=lan',

   5: 'uci set firewall.DMZ.proto=tcp udp',

   6: 'uci set firewall.DMZ.src_dport="18001"',

   7: 'uci set firewall.DMZ].dest_ip= "192.168.240.171"',

   8: 'uci set firewall.DMZ.dest_port= "18001"',

   9: "uci set firewall.DMZ.name= 'occp_server'",

   10: 'uci set firewall.DMZ.targert=DNAT',

   11: 'uci set firewall.DMZ.enable="1"',

   12: 'uci commit firewall'

}

and

commandFirewall_ssh_charger = {

   1: 'uci set firewall.@redirect[5]=redirect',

   2: 'uci set firewall.@redirect[5].src=wan',

   3: 'uci set firewall.@redirect[5].target=DNAT',

   4: 'uci set firewall.@redirect[5].dest=lan',

   5: 'uci set firewall.@redirect[5].proto=tcp',

   7: 'uci set firewall.@redirect[5].src_dport="22"',

   8: 'uci set firewall.@redirect[5].dest_ip= "192.168.240.171"',

   9: 'uci set firewall.@redirect[5].dest_port= "22"',

   10: "uci set firewall.@redirect[5].name= 'ssh_charger'",

   11: 'uci set firewall.@redirect[5].enable="1"',

   11: 'uci commit firewall'   

}

Please see the attached screen in the file that explains manually the two rules...

Could someone help me?

Thanks a lot

Alessandro

1 Answer

0 votes
by anonymous

Hi Alessandro,

Thank you for your query.

To begin with, I would like to ask you what firmware version are you using and what device is it? I assume its not the newest firmware looking into the syntax you are currently using. I would recommend upgrading to 7.0 FW to start with as uci commands differ from FW to FW.(If firmware upgrade for some reason would not be an option, the steps provided bellow still apply, just the syntax may differ from the current one)

In addition, my recommendation would be first to create both rules through the routers WEBUI. By navigating to Network->Firewall->Traffic Rules and adding a new rule. This way you would be able to test it when ever its working properly. Secondly, I would in general recommend creating it with WEBUI and then only changing the following line 'uci set firewall.@redirect[5].enable="1"' to enable or disable the command.

To sum up, in your situation, I would upgrade the firmware, create both of these rules via WEBUI and then I would check the syntax by typing: uci show firewall via CLI. After these steps completed, I would delete the rules in the WEBUI and would set the completely same syntax via routers CLI using uci set. This way you would save a lot of your time debugging. Then you could save the syntax and just paste it on any machine with the same firmware version.

More information on uci commands usage and syntax could be found at: https://wiki.teltonika-networks.com/view/UCI_command_usage

Best Regards,

Dziugas