Comment on OpenWrt & fail2ban
talkingpumpkin@lemmy.world 6 days ago
Getting the router to actually assign an IP address to the server
You would typically want to use static ip addresses for servers (because if you use DHCP the IP is gonna change sooner or later, and it’s gonna be a pain in the butt).
IIRC dnsmasq is configured to assign IPs from .100 upwards (unless you changed that), so you can use any of the IPs up to .99 without issue (you can also assign a DNS name to the IP, of course).
all requests’ IP addresses are set to the router’s IP address (192.168.3.1), so I am unable to use proper rate limiting and especially fail2ban.
Sounds like you are using masquerade and need DNAT instead. No idea how to configure that in openwrt - sorry.
tal@lemmy.today 6 days ago
In this case, he controls the local DHCP server, which is gonna be running on the OpenWRT box, so he can set it to always assign whatever he wants to a given MAC.
mic_check_one_two@lemmy.dbzer0.com 6 days ago
Yeah, this is my preferred way of doing it. That way I always have a nice compiled list of IP addresses, and if I ever need to change any of them, I have them all in a single menu instead of needing to access each device individually.