Firewall and Port Forwarding in X-Wrt 8.09

You might want to set up ’loopback forwarding’ so that you can access your WAN IP as if you were not on the LAN. For instance, if you have a web server behind your X-Wrt router, and the incoming port 80 is forwarded from the router to your webserver. This allows computers on the WAN (that is, not on your local network) to view your website. However, if you try to view your website from behind the X-Wrt or OpenWrt router, you won’t be able to see it. For this, you need loopback forwarding. This is because port 80 is forwarded only for WAN requests. From inside of your LAN, it’s obviously not a WAN request. Loopback forwarding treats requests from the LAN as WAN requests, masquerading, forwarding them just the same as any other request from the internet.

Now, on X-Wrt, there is a file /etc/config/firewall, but some instructions tell you to edit /etc/firewall.user. If you make your changes there, they will have no effect. There is a difference between /etc/config/firewall and /etc/firewall.user. Apparently, the latter has been discontinued somewhat.

From the OpenWrt wiki, to make iptables read firewall.user, add this to your /etc/config/firewall:

config include option path /etc/firewall.user

iptables will now read both configuration files. If you follow the instructions above, you will be able to set up loopback port forwarding on x-wrt or openwrt.