Trevor Matthews
New Around Here
Greetings. I just bought my AC-RT68U on the weekend and upgraded it last night to Merlin hoping to address a couple issues. One of the issues I'm having I still can't address through the web interface. I've read through a dozen posts I searched but still haven't found a silver bullet.
I'm using port forwarding to run an SSH server whose logs are being flooded with 50,000+ logon attempts daily, mostly from China.
I want to block all INBOUND internet traffic on port 22 - except on 1 or 2 known IP ranges I use.
In my research I've come to the conclusion that IPTables is what I need to do, but either my rules aren't right or something. I know too that once I get the right rule I'll have to put them in a config file in jffs land somewhere, but one thing at a time.
What I'm doing (that isn't working)
x's are IPs obviously. So first I'm inserting a rule to allow traffic from specific IPs, and then the rule to block everything else, but no luck.
iptables -I INPUT 2 -p tcp -s 192.168.0.*/16,xx.xxx.0.0/16,xxx.xx.0.0/16,xxx.xx.0.0/16 --dport 22 -j ACCEPT
iptables -I INPUT 6 -p tcp --dport 22 -j DROP
Any help would be appreciated. My old router let me do inbound filters in the web UI and then attach them to a virtual server, so this is getting a little more involved for me.
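An added example, not part of the original post: traffic that a port forward sends on to a LAN host is DNATed and then crosses the filter table's FORWARD chain rather than INPUT, so the allowlist sketched here is attached to FORWARD. The interface name, LAN address, chain name and internal port are assumptions, the CIDRs in the usage line are constructed documentation ranges, and the script only prints the iptables commands.

```shell
#!/bin/sh
# Added example, not from the original post. WAN_IF, SSH_HOST and CHAIN are
# assumptions; adjust them to the router and to the port-forward target.
WAN_IF="${WAN_IF:-eth0}"              # assumed WAN interface name
SSH_HOST="${SSH_HOST:-192.168.1.10}"  # assumed LAN host behind the forward
CHAIN="SSH_ALLOW"                     # hypothetical chain name

# Succeeds only for a.b.c.d/len (octets 0-255, len 0-32). A wildcard form
# such as 192.168.0.*/16 is rejected; iptables does not accept it either.
valid_cidr() {
    case "$1" in
        *[!0-9./]*|*/*/*) return 1 ;;
        */*) ;;
        *) return 1 ;;
    esac
    ip=${1%/*}; len=${1#*/}
    case "$len" in ""|*.*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ -n "$o" ] && [ "$o" -le 255 ] || return 1
    done
}

# Print (do not apply) the rules for the allowed source ranges given as
# arguments. Forwarded packets are matched after DNAT, so -d is the LAN
# host and --dport is the internal port (assumed to be 22 here).
gen_rules() {
    for c in "$@"; do
        valid_cidr "$c" || { echo "bad CIDR: $c" >&2; return 1; }
    done
    spec="FORWARD -i $WAN_IF -p tcp -d $SSH_HOST --dport 22 -j $CHAIN"
    echo "iptables -N $CHAIN 2>/dev/null || iptables -F $CHAIN"
    for c in "$@"; do
        # RETURN hands allowed sources back to the existing FORWARD rules
        echo "iptables -A $CHAIN -s $c -j RETURN"
    done
    echo "iptables -A $CHAIN -j DROP"
    echo "iptables -D $spec 2>/dev/null"   # avoid a duplicate jump on re-run
    echo "iptables -I $spec"
}

# Constructed usage: sh ssh_allow.sh 203.0.113.0/24 198.51.100.0/24 | sh
if [ $# -gt 0 ]; then gen_rules "$@"; fi
```

On Asuswrt-Merlin, rules like these are usually persisted from the `firewall-start` user script under `/jffs/scripts`; review the printed commands before piping them to `sh`.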