A LuCI web interface for the powerful natmap utility, allowing for easy configuration of Full-Cone NAT (NAT-1) port mapping directly from the OpenWrt web interface.
This application provides a user-friendly way to manage multiple natmap instances, monitor their status, and integrate custom scripts, without needing to access the command line.
The core natmap tool by heiher is a command-line utility designed to establish and maintain port mappings on routers with Full-Cone NAT. This LuCI application provides a seamless graphical interface to configure and manage it.
The interface is divided into two main sections:
- Instance Running Status: A live, auto-refreshing view of all active
natmapinstances, showing their real-time public IP and port mappings. - NATMap Instances: A configuration section to create, edit, and delete
natmapinstances with all their parameters.
- Full GUI Configuration: Manage all
natmapinstances without touching configuration files. - Multi-Instance Support: Run multiple independent
natmapprocesses for different ports and protocols. - Live Status Monitoring: An auto-refreshing status panel shows which instances are running and their mapped public IP/port.
- Robust Process Management: Uses OpenWrt's
procdto ensurenatmapinstances are started reliably and respawned on failure. - Complete Parameter Support: The interface supports all key
natmapparameters, including:- IP Family (
-4,-6) - Network Interface (
-i) - Keep-alive Interval (
-k) - Forwarding Mode (
-t,-p)
- IP Family (
- Custom Script Integration: Easily specify a custom command or script to be executed upon a successful port mapping, with all
natmapparameters passed directly to it. - Internationalization (i18n): Supports multiple languages (English and Chinese included).
- An OpenWrt-based router.
- The
natmapbinary must be installed. This package should listnatmapas a dependency. You can find the original project here: heiher/natmap.
You can install luci-app-natmap in one of two ways.
If you have a pre-compiled .ipk package, you can install it via the LuCI web interface or command line.
- Upload the
.ipkfile to your router's/tmpdirectory (using SCP or a tool like WinSCP). - Connect to your router via SSH and run the following command:
opkg install /tmp/luci-app-natmap_*.ipk - The
natmappackage, if not already installed, should be installed automatically as a dependency.
To compile this application as part of your own OpenWrt build:
- Clone this repository into your OpenWrt build environment's
packagedirectory:cd <your-openwrt-buildroot>/package/ git clone <this-repository-url> luci-app-natmap
- Run
make menuconfigand navigate toLuCI->3. Applications->luci-app-natmap. Mark it with<*>to include it in your build. - Run the build command:
make
After installation, navigate to Services -> NATMap in the LuCI web interface.
This section is at the top of the page and shows the real-time status of your enabled instances. It will automatically refresh every 5 seconds.
- Configuration Name: The name of the instance section from the configuration below.
- Running Status: Shows
● Runningfor active processes. - Public IP: The mapped public IPv4 address. Will show
Getting...until the mapping is established. - Public Port: The mapped public port.
This is where you configure your natmap instances. Click "Add" to create a new one, or "Edit" to modify an existing one.
| Parameter | Description |
|---|---|
| Enabled | A master switch to enable or disable this specific instance. |
| Description | A user-friendly name for this instance (e.g., "Web Server Port"). |
| IP Family | Choose whether to force IPv4 (-4) or IPv6 (-6), or leave it on Auto. |
| Network Interface | (Optional) Bind natmap to a specific network interface or IP address (-i). |
| Transport Protocol | The protocol to map: TCP or UDP (-u). |
| Local Bind Port | The local port or port range for natmap to use. Examples: 8080, 9000-9100. (Required) |
| STUN Server | The address and port of the STUN server. Example: stun.l.google.com:19302. (Required) |
| HTTP Keep-alive Server | The address and port of a public HTTP server to maintain the NAT session. Example: www.google.com:80. (Required) |
| Keep-alive Interval | (Optional) Seconds between each keep-alive packet (-k). |
| Forward Target Address | (Forward Mode Only) The internal IP/host to forward traffic to (-t). |
| Forward Target Port | (Forward Mode Only) The internal port to forward traffic to (-p). |
| Execute command on success | (Optional) A custom command or script to run after a mapping is successful. All parameters from natmap ($1, $2, $3, etc.) will be passed directly to your script. Example: /root/update_ddns.sh |
After making changes, click Save & Apply. The natmap service will be restarted to apply the new configuration.
If the "Instance Running Status" section shows "No running natmap instances" even after you've enabled a configuration, the natmap process likely failed to start.
The most common reason for failure is a misconfiguration or network issue. To diagnose the problem, check the system log for errors from natmap:
logread | grep natmapThis will show any error messages, such as failure to resolve a STUN server or inability to bind to a port.
This project is licensed under the MIT License - see the LICENSE file for details.
A big thank you to heiher for creating the powerful and efficient natmap utility that makes this all possible.