[SATLUG] stupid WAP question

David Kowis dkowis at shlrm.org
Thu Jul 1 21:09:33 CDT 2010

On 07/01/2010 04:53 PM, travis+ml-satlug at subspacefield.org wrote:
> 1) Which firmware (tomato, dd-wrt, openwrt) do you recommend and why?

I used openwrt, because I have build a shorewall config already and I
wanted to keep using it. My prior router was a sourcemage distro, and so
I wanted to keep the shorewall stuff I'd developed, with traffic shaping
and everything. Unfortunately, the little router didn't have enough
horsepower to run traffic shaping, and I ended up going back to the
router like normal.

> 2) Is there a way to have WLAN traffic NOT go through firewall
>    when traversing to a wired port?
>    Basically I just want a box that bridges the WLAN and the link to my
>    firewall.

You can set up a bridge and bridge ports. I don't think openwrt supports
bridging. You'd have to build the modules yourself. I assume that you've
got multiple static IPs to be able to hand out to clients on the 'inside'?

> 3) Related to 2, is there a way to have it not go through NAT,
>    so that the firewall sees the real IPs, and not the WAN IP of the WAP?

I'm not sure how your setup is done...

Internets -- ROUTER -- WAP


> This would all be so much easier if I had a Linux shell and not some stupid GUI.

Openwrt gives you a shell.


More information about the SATLUG mailing list