Recent content by SkierInAvon

I changed my public ip's (posted here) that a I posted...just a bit...didn't want to give out specific/correct public IPs for (bad actor?) to probe... Asus Merlin is locked down (pretty tight) on public WAN side (read: you can only reach Asus/Merlin from LAN side...) Thanks!

Thank you for helping. Below is a look see at the current ARP cache of my Asus Merlin... admin@RT-AC3100-4338:/# arp -a ? (50.231.190.53) at d0:21:f9:65:9c:25 [ether] on eth0 ? (50.231.190.52) at 9c:05:d6:5c:c3:f2 [ether] on eth0 ? (10.0.253.3) at dc:a6:32:ec:f6:90 [ether] on br0 ...

Asus Merlin configured LAN subnet: 10.0.5.xxx/24 Asus Merlin configured WAN: DHCP from ISP Publicly routable 50.231.190.60 Strange Asus/Merlin Log Entry: Jan 9 06:27:34 kernel: DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:60:22:32:39:5d:7d:08:00 SRC=192.168.1.20 DST=255.255.255.255 LEN=220...

Yes, A reply and a thank you! -pete

FIXED! and Working! Asus Merlin now "protecting my email server" Example below. Example is from my: /jffs/scripts/firewall-start Subnet 101.53.144.0 is located in Noida (Bakhtāwarpur), India I have no interest in allowing (any) connections to my email server - from anywhere inside of...

Thanks Colin! I followed your syntax to the letter - changed 192.168.50.10 to my email server 10.0.253.4 and tried it... No Joy...I think what I (maybe?) learning is that...when you use AsusMerlin Browser Interface and Port Forward TCP/25 to 10.0.253.4...that (web browser Asus forwarding) takes...

Thanks. However I do want to block (some) traffic from the public internet, that tries to reach my LAN, specifically TCP Port 25 inbound traffic that the Asus is set to forward to my email server on the LAN... Do you know the specific IPTABLES syntax that will block that TCP Port 25 traffic...

Trying to use Asus-Merlin on my RT-AX56U and IPTABLES to block all traffic from a specific public IP address. First, SSH into Asus Merlin as admin from the LAN interface. Issue Command: iptables -A INPUT -s 209.193.73.210 -j DROP Command seems to execute (no errors reported) yet I can...

Good Tip. -j DROP to -j logdrop Seems to be working now in the Asus/Merlin log...( I can see specific (Internet) IP addresses being Dropped from/on the WAN side of the Asus Router. What I wanted...Thanks For the record I have the Asus Log levels set to info and info Default...

#!/bin/sh # command line command service restart_firewall # sleep runs bash script 65 seconds after full boot of Merlin # below is a short sample of the bash script that is running on the WAN interface sleep 65 iptables -I FORWARD -s 1.10.185.0/24 -j DROP...

Merlin - helps protected my email server on (LAN) interface. Merlin does this by running a Bash script that deliberately drops (inbound) IP packets on the WAN Interface (read: from Internet). I maintain a list of known (spammer IP addresses/subnets) that are inside the running Bash Script. Q.)...

Thanks. I'll buy another Asus that does support Merlin. I know how to do what I want using the Merlin SW.

I have a bash script that is designed to prevent connections inbound FROM the Internet from getting through (inbound) my Asus GT-5300. I am trying to prevent my email server (SMTP Port 25) from (abusive inbound from the Internet) connections. Script is designed to just "drop" inbound packets...

My Asus Router RT-AC3200 I'll try the Entware version. Thanks.