Hey buddee... thanks for your post. I had posted a couple of days ago in dd-wrt, but no answer so i thought I would come here.
My original post is here:
http://www.dd-wrt.com/phpBB2/viewtopic.php?p=612722#612722
The post basically explains a port forwarding issue to additional internal subnets. As I saw this post of yours right when I visited the forums here I thought I would try it first.
I tried your first suggestion, modifying the subnet to 10.10.10.0 as that is my internal LAN that the router is on. I fed the command via SSH, so I didn't think rebooting was necessary as IPTABLES should go into effect right away. It didn't seem to work... I was still unable to access a port forward on the 10.10.20.0 network.
I then tried the commands from your second post. For the two insmod commands I got:
root@homebase:~# insmod ipt_mark
insmod: ipt_mark.ko: module not found
root@homebase:~# insmod xt_mark
insmod: xt_mark.ko: module not found
The two IPTABLES commands took and then immediately I was able to access a port forward on my .20 network!
So, first off..thank you very much. However, I am not content with a solution, I would like to better understand. I am familiar with firewalls, but not IPTABLES (I am currently beginning my studies into it).
Can you explain to me the limitation in DD-WRT that makes this necessary, and what the two iptables commands you provide actually do.
Also, can you explain why the insmod errors?
And finally, do these command reduce security at all (other then the fact that a port forward is allowed, is there any other risk)?
Thanks so much!