R7800 Wifi router login&Dns relay

[NAMEk]

Hello dear Members and Staff...and Voxel

I want to disable admin login to the router using Wifi (any means necessary) keep it only on cable (common security practice)

Is there a workaround like nvram variable to change to make router's dhcp to report real dns servers and not itself as a relay?

I find it really weird Netgear doesn't address these issues. I apologize if these questions were already asked, feel free to give me (a) link(s) to the thread(s). And if there is some usable information to dig up about this router somewhere on the net, like nvram settings, explanations about the inner software system, I would also appreciate it if someone post those links.

Router: R7800, running Voxel's latest (R7800-V1.0.2.61SF) FW.

 

[W1lliam]

if you wanna to take fixed DNS server other than default, the router itself, here is a quick way to do it

1. Enable telnet for r7800

2. Telnet to r7800

3. change to /etc/init.d

4. vi net-lan

5. check on print_dhcpd_conf()

6. replace the line "option dns $($CONFIG get lan_ipaddr)" with "option dns aaa.bbb.ccc.ddd", where aaa.bbb.ccc.ddd is your preferred DNS server, you can create up to 3 entries.

7. save and reboot r7800

 

[NAMEk]

if you wanna to take fixed DNS server other than default, the router itself, here is a quick way to do it

1. Enable telnet for r7800

2. Telnet to r7800

3. change to /etc/init.d

4. vi net-lan

5. check on print_dhcpd_conf()

6. replace the line "option dns $($CONFIG get lan_ipaddr)" with "option dns aaa.bbb.ccc.ddd", where aaa.bbb.ccc.ddd is your preferred DNS server, you can create up to 3 entries.

7. save and reboot r7800

I don't know if we understood each other right. I want router to get DNS from ISP via dhcp, but instead of relaying them to clients via 192.168.1.1, just pass them through.
Btw I have ssh configured.

My priority #1 is to disable admin router login via WiFi.

Thanks W1lliam.

 

[W1lliam]

I don't know if we understood each other right. I want router to get DNS from ISP via dhcp, but instead of relaying them to clients via 192.168.1.1, just pass them through.
Btw I have ssh configured.

My priority #1 is to disable admin router login via WiFi.

Thanks W1lliam.

1. revise print_dhcpd_conf()
remove "option dns $($CONFIG get lan_ipaddr)"
2. Create new funtion add_dns_conf() as below

add_dns_conf()
{
[ "x$($CONFIG get wan_ether_dns1)" != "x" ] && echo "option dns $($CONFIG get wan_ether_dns1)" >> /tmp/udhcpd.conf
[ "x$($CONFIG get wan_ether_dns2)" != "x" ] && echo "option dns $($CONFIG get wan_ether_dns2)" >> /tmp/udhcpd.conf
[ "x$($CONFIG get wan_ether_dns3)" != "x" ] && echo "option dns $($CONFIG get wan_ether_dns3)" >> /tmp/udhcpd.conf
}

3. Revise start_dhcpd()
add add_dns_conf below print_dhcp_conf > /tmp/dhcpd.conf

start_dhcpd()
{
[ "$($CONFIG get lan_dhcp)" = "0" ] && return
print_dhcpd_conf > /tmp/udhcpd.conf
add_dns_conf
udhcpd /tmp/udhcpd.conf
}

As to disable admin login for WiFi clients, need some more time to study if that is possible.

William

 

[NAMEk]

Much appreciated W1lliam. Karma points are on the way.
Everything is possible, I wish I could study it somehow too. Do you know way to extract files from firmware?