Thank you for the detailed response and corrections.
You're right about the DNS response mechanism - I was imprecise. Responses from upstream DNS use the RELATED,ESTABLISHED rule, not an inbound port 53 rule.
I've checked the chains you mentioned:
- URLFI - empty
- PTCSRVWAN - empty
-...
For anyone still watching this thread, just wanted to provide a high-level summary of what I saw, and what I did to correct things. It is possible that I had unknowingly done something with a script that caused the bad behavior when I installed AdGuard, but I don't honestly think it was 'me'...
I knew it wasn't blocking when I started seeing external IP addresses show up in my AdGuard Home client list.
Because you asked:
iptables -v -S INPUT
-P INPUT ACCEPT -c 0 0
-A INPUT -i eth0 -p tcp -m tcp --dport 8443 -c 3 132 -j DROP
-A INPUT -i eth0 -p tcp -m tcp --dport...
FYI, here are the changes I made to /jffs/scripts/firewall-start:
File: /jffs/scripts/firewall-start
---
#!/bin/sh
# Block external access to services from WAN (eth0)
# DNS (AdGuard Home)
iptables -I INPUT -i eth0 -p udp --dport 53 -j DROP...
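As an added example (not the poster's script and not part of the Merlin or AdGuard Home projects), here is one way to write the same firewall-start so that it is safe to re-run on every firewall restart and can audit itself against the `iptables -v -S INPUT` output format quoted above. The WAN interface name (eth0), the port 8443 being the AdGuard Home web UI, and Merlin passing the WAN interface as the script's first argument are assumptions; the sample chain listing at the bottom is constructed for illustration, not real router output.

```shell
#!/bin/sh
# Added example of an idempotent /jffs/scripts/firewall-start that blocks
# WAN-side access to the DNS resolver and the AdGuard Home web UI.
# Assumptions (adjust for your router): WAN interface is eth0, the web UI
# listens on 8443/tcp, and the firmware passes the WAN interface as $1.

WAN_IF="${WAN_IF:-eth0}"
IPT="${IPT:-iptables}"

# One "proto port" pair per line. Each becomes an INPUT DROP rule that
# matches only traffic arriving on the WAN interface. Replies to the
# router's own upstream DNS queries are not affected: they are accepted
# earlier by the firmware's RELATED,ESTABLISHED rule, so no inbound
# port-53 ACCEPT is needed.
wan_block_specs() {
    printf '%s\n' \
        "udp 53" \
        "tcp 53" \
        "tcp 8443"
}

# Insert each rule at the top of INPUT unless an identical rule already
# exists (-C exits 0 on a match), so repeated runs do not stack duplicates.
apply_wan_blocks() {
    wan_block_specs | while read -r proto port; do
        if ! $IPT -C INPUT -i "$WAN_IF" -p "$proto" --dport "$port" -j DROP 2>/dev/null; then
            $IPT -I INPUT -i "$WAN_IF" -p "$proto" --dport "$port" -j DROP
        fi
    done
}

# Audit helper: read `iptables -S INPUT` output on stdin (with or without
# -v, which adds "-c pkts bytes" counters before -j) and print every
# expected rule that is missing. Exits 0 only when all rules are present.
check_wan_blocks() {
    table="$(cat)"
    missing=0
    for spec in $(wan_block_specs | tr ' ' ':'); do
        proto="${spec%%:*}"
        port="${spec##*:}"
        pat="^-A INPUT -i $WAN_IF -p $proto( -m $proto)? --dport $port( -c [0-9]+ [0-9]+)? -j DROP\$"
        if ! printf '%s\n' "$table" | grep -Eq "$pat"; then
            echo "MISSING: -A INPUT -i $WAN_IF -p $proto --dport $port -j DROP"
            missing=$((missing + 1))
        fi
    done
    # With a default ACCEPT policy, any port not explicitly dropped above
    # remains reachable from the WAN.
    if printf '%s\n' "$table" | grep -q '^-P INPUT ACCEPT'; then
        echo "NOTE: INPUT policy is ACCEPT; anything not explicitly dropped is reachable"
    fi
    [ "$missing" -eq 0 ]
}

# Constructed sample of `iptables -v -S INPUT` (modelled on the format in
# the thread, not captured from a real router): 8443 is blocked, 53 is not.
SAMPLE_INPUT_CHAIN='-P INPUT ACCEPT -c 0 0
-A INPUT -i eth0 -p tcp -m tcp --dport 8443 -c 3 132 -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'

# Only act when invoked as the firewall-start hook; when sourced or run
# under another name, just define the functions above.
case "$0" in
    */firewall-start)
        if [ "$1" = "--check" ]; then
            $IPT -v -S INPUT | check_wan_blocks
        else
            WAN_IF="${1:-$WAN_IF}"
            apply_wan_blocks
        fi
        ;;
esac
```

Running `/jffs/scripts/firewall-start --check` after the firewall has restarted reports which of the intended DROP rules are absent, which is the check to run when clients with public IP addresses appear in the AdGuard Home query log.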
Disclaimer: I'm by no means a security expert, and I acknowledge that some of the issues I found after installing AdGuardHome could be caused by my own configuration mistakes, or might have nothing to do with AdGuardHome.
I installed AdGuardHome today (version 1.9.3, via amtm). I'd been...