OpenWrt: Change single LAN port to WAN port, and enable SSH + web interface

gistfile1.txt

# Tried and tested method

# First enable web interface
# From: https://openwrt.org/docs/guide-user/luci/luci.secure#allow_https_access_from_internet

uci add firewall wan_https_allow
uci set firewall.wan_https_allow=rule
uci set firewall.wan_https_allow.name='Allow HTTP, HTTPS from WAN'
uci set firewall.wan_https_allow.src='wan'
uci set firewall.wan_https_allow.proto='tcp'
uci set firewall.wan_https_allow.dest_port='80 443'
uci set firewall.wan_https_allow.target='ACCEPT'
# save the new section to /etc/config/firewall
uci commit firewall
# reload the firewall to pick up the new rule
/etc/init.d/firewall reload

# Enable SSH on WAN
# From: https://openwrt.org/docs/guide-user/luci/luci.secure#allow_ssh_access_from_internet

uci add firewall wan_ssh_allow
uci set firewall.wan_ssh_allow=rule
uci set firewall.wan_ssh_allow.name='Allow SSH from WAN'
uci set firewall.wan_ssh_allow.src='wan'
uci set firewall.wan_ssh_allow.proto='tcp'
uci set firewall.wan_ssh_allow.dest_port='22'
uci set firewall.wan_ssh_allow.target='ACCEPT'



# Change LAN to WAN using SSH

vin /etc/config/network

# Disable existing bridge config

#config device
#    option name 'br-lan'
#    option type 'bridge'
#    list ports 'eth0'

# Disable LAN interface
# add option disabled '1' to the lan section, like this:

config interface 'lan'
    option device 'br-lan'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option ip6assign '60'
    option disabled '1'

# Create or nodify the WAN Interface to use eth0:
config interface 'wan'
    option device 'eth0'
    option proto 'dhcp'


# Save the Configuration, and execute:

/etc/init.d/network restart

# You will immediately lose connection. Now it's time to plug your LAN port (which is now a WAN port) into another router's LAN port. You can now access the OpenWRT router using it's assigned IP address