Unless you are forwarding the decapsulated packets from your DD-WRT
towards a host inside the NATted LAN, you don't need to bother about
ports. Packets from the AMPRnet Mesh use the IPIP protocol (protocol number
94), so the Layer 4 is not necessarily visible to DD-WRT as these
packets will contain 2x Layer 3.
You will need to forward IPIP protocol packets from the DD-WRT to your
internal AMPRnet gateway.
On your AMPRnet gateway (not DD-WRT) you will eventually need to allow
packets towards port 520/udp in your iptables if you are using
iptables on your internal gateway.
Please also don't confuse opening a port and opening a port (yes! your
wording is weak... H-I)
You should make a difference between allowing a packet to be forwarded
(iptables table FORWARD) by a router and a packet to be received
(iptables table INPUT) by a host.
In case you are combining DNAT and FORWARDing on 1 machine (you
usually do), you may eventually need to apply
iptables -t nat -A PREROUTING -p 94 -j DNAT --to-destination 192.0.2.1
iptables -A FORWARD -p 94 -d 192.0.2.1 -j ACCEPT
in case you are not allowing packets to be forwarded by default or
have configured a rule to disallow unknown traffic.
On the AMPRnet Gateway (not your DD-WRT) you will eventually need to
allow IPIP inbound packets on eth0 and allow packets towards port
520/udp.
iptables -A INPUT -i eth0 -p 94 -j ACCEPT
iptables -A INPUT -i tunl9 -p udp --dport 520 -j ACCEPT
YMMV depending on the Linux flavor/blend.
73 de Marc, LX1DUC
Quoting sp2lob(a)tlen.pl:
Hello Demetre,
First, you need to open port 520.
Then try to put your local machine into DMZ zone,
as it HAS TO BE SEEN by amprgw server...
I did it, and it worked for me.
Best regards.
Tom - sp2lob
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
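Added example (not part of the original messages): a small Python sketch of the "2x Layer 3" point in Marc's reply, showing why the forwarding router can only match on the outer protocol number while the port 520/udp rule belongs on the gateway that decapsulates. All addresses are constructed documentation addresses; the function names are hypothetical, and the sample packet uses the protocol number given in the message.

```python
import socket
import struct

# IANA protocol numbers that carry an inner IP packet:
# 4 = IPv4 encapsulation, 94 = IPIP (the number used in the message above).
ENCAP_PROTOS = {4, 94}

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header; checksum left at 0 (not validated here)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def parse_ipv4(pkt):
    """Return (protocol, dst, payload) of an IPv4 packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    total = struct.unpack("!H", pkt[2:4])[0]
    return pkt[9], socket.inet_ntoa(pkt[16:20]), pkt[ihl:total]

def l4_dport(proto, payload):
    """Destination port if the payload is TCP (6) or UDP (17), else None."""
    if proto in (6, 17) and len(payload) >= 4:
        return struct.unpack("!H", payload[2:4])[0]
    return None

def router_view(pkt):
    """What a filter on the outer header sees (the FORWARD hop)."""
    proto, dst, payload = parse_ipv4(pkt)
    return {"proto": proto, "dst": dst, "dport": l4_dport(proto, payload)}

def gateway_view(pkt):
    """What the decapsulating host sees on its tunnel interface (INPUT)."""
    proto, _, inner = parse_ipv4(pkt)
    if proto not in ENCAP_PROTOS:
        raise ValueError("outer packet is not IP-in-IP")
    return router_view(inner)

def build_sample(outer_proto=94):
    """Constructed packet: UDP to port 520 wrapped in an outer IPv4 header."""
    udp = struct.pack("!HHHH", 520, 520, 8 + 4, 0) + b"RIP?"
    inner = ipv4_header("203.0.113.1", "203.0.113.2", 17, len(udp)) + udp
    return ipv4_header("198.51.100.7", "192.0.2.1", outer_proto, len(inner)) + inner

if __name__ == "__main__":
    sample = build_sample()
    print("router :", router_view(sample))
    print("gateway:", gateway_view(sample))
```

The router's view has no destination port at all, which is why the forwarding rules match on `-p <protocol>` only; port 520 becomes visible only after decapsulation on the gateway.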