What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Recent content by johhnyu

  1. johhnyu

    5G Clients show as Wired!

    There's a bug in an AsusWRT closed-source component that lists guest wireless client as wired in the client list, that could be it.
  2. johhnyu

    [Release 384/NG] Asuswrt-Merlin 384.5 is now available

    Wow, it's broken in stock AsusWRT also? That's a bummer.
  3. johhnyu

    Control LAN Access via iptables

    Oh, great! Looking forward to it. I'm trying desperately to avoid buying a separate PFsense box from Aliexpress.
  4. johhnyu

    [Release 384/NG] Asuswrt-Merlin 384.5 is now available

    The bug where guest wifi hosts show as ethernet in the network map was not fixed in 384.5. Is this on the roadmap for 384.6?
  5. johhnyu

    Control LAN Access via iptables

    I want to selectively allow some IOT devices to access some hosts on my LAN, then reject all others. YazFi looks promising, but it lists LAN access as an upcoming feature, so not available yet. Also it looks like when that feature is added, it will work just like the "allow intranet" switch in...
  6. johhnyu

    Control LAN Access via iptables

    My guess is your torrent client is checking to ensure that port 6880 is actually open somehow. So is there any way to use the ebtables functionality inside AsusWRT/Merlin to do selective LAN filtering?
  7. johhnyu

    Control LAN Access via iptables

    Unfortunately not, I need several of the IOT devices to access selected hosts on my intranet. The Harmony hubs controls some devices over IP, the alexas/google homes need to connect to my Sonos speakers, etc. I guess the real solution is to setup tagging and VLANs, but unfortunately...
  8. johhnyu

    Control LAN Access via iptables

    Yeah, that's what I suspected in the OP. :(
  9. johhnyu

    Control LAN Access via iptables

    OK, I just ran a very simple forward rule, trying to block connections from .202 to .200, and that did not work. Had a ping running the whole time. I also confirmed it shows up at the very top of the "iptables -L FORWARD" rule list. As it should, because I used the insert flag rather than...
  10. johhnyu

    Control LAN Access via iptables

    That is filtering by interface, what I was trying to do is at the IP level like the below. Is it only possible at the interface level? I did also try similar FORWARD rules as I always confuse them. Just predicting what you're gonna say. :) I didn't do any connection tracking; didn't get that...
  11. johhnyu

    Control LAN Access via iptables

    Is it possible to control LAN access via iptables? I have a bunch of IOT devices that I want to access the internet and (and this is the kicker) accept incoming connections from specific hosts inside my LAN, but not create their own connections to hosts in my LAN. It looks like iptables rules...
  12. johhnyu

    [Release 384/NG] Asuswrt-Merlin 384.4 is now available

    OK, so known bug then, thanks. Hopefully I don't see lockups, that's much more serious than a mislabeled network map!
  13. johhnyu

    [Release 384/NG] Asuswrt-Merlin 384.4 is now available

    Running 384.4_2 on an AC-68u. Upgraded fine, initialized to stock, then reapplied all my settings from screenshots. Everything functions, but the network map listing shows many of my wireless clients as connected via ethernet. I believe they are on my guest network, all IOT devices I try to...
  14. johhnyu

    18Mbps NordVPN on AC68u so easy...what's your speed?

    18Mbps is terrible. The real problem is that OpenVPN is a pig. Wireguard fixes that problem and many others too-- for example, if you join a VPN on your mobile phone and then switch networks, it will immediately reconnect with no delay and lost of connectivity. Check out the link below. Anyway...
  15. johhnyu

    Does T-Mobile/ASUS TM-AC1900 (RT-AC68U) Support Merlin?

    Yeah, not too worried about that. Thanks for the help! Edit: Since it looks like the next version of merlin will indeed update the CFE, I changed my T-mobile router over to the latest asus firmware, replacing the MAC addresses and WPS secret. Worked fine.
See more
Back
Top