ipset

  1. Phantomski

    Port Forwarding and Skynet firewall ruleset

    Hi everyone, playing a bit with log management / analysis and potential feedback loop to live firewall rules. Call it a poor man tinkerer IDS/IPS :D I have a fairly simple setup with RT-AC88U (with Skynet) using port forwarding rules on ports 80 and 443, redirecting to a Docker-ised rPi4...
  2. MON@H Rasta

    Tutorial Using TOR to unblock sites blocked by ISP on [Fork] Asuswrt-Merlin 374 LTS

    Install MicroSD into device. Format MicroSD as a single partition and install Entware on it using amtm. UPD: script updated, no more spam.
  3. HELLO_wORLD

    Aegis Aegis (simple yet effective protection)

    Due to new forum rules on threads older than six months, here is a fresh new one, good until April 2021. Previous thread Aegis A firewall blocklist script for Netgear R7800 and R9000 Routers with Voxel firmware. Should work with some other models as well. What is it? It is a script that...
  4. HELLO_wORLD

    Aegis aegis: a firewall blocklist

    aegis is the successor of firewall-blocklist: https://www.snbforums.com/threads/r7800-r9000-probably-others-blocklist-based-firewall-addon.63241/ It starts with version 1.0.0, but is more recent than latest firewall-blocklist aegis A firewall blocklist script for Netgear R7800 and R9000 Routers...
  5. HELLO_wORLD

    [R7800, R9000 & probably others] Blocklist based Firewall addon

    DEPRECATED Now use aegis: https://www.snbforums.com/threads/aegis-a-firewall-blocklist.64128/ I made a blocklist based firewall addon for myself, and I improved it to share it here as it can interest others. Firewall Blocklist Firewall blocklist script for Netgear R7800 and R9000 Routers...
  6. W

    route certain domains through client vpn

    Is there a way to route certain domains through a client vpn? I have been using Asus Merlin's build for a few months now. I moved from TomatoUSB to here. There is no going back. The only thing missing is to route domain names. With the use of cloudflare and others you can't rely and ip...
  7. D

    Blocklist ipset logging

    When creating an iptables rule that adds an address to a blocklist ipset, is there a way to know when the maxelem value has been exceeded ? Below is an example rule: iptables -t mangle -I PREROUTING -i eth0 -m state --state NEW -j SET --add-set BLOCKLIST src At the command-line, when...
  8. D

    How to create a persistent ipset ?

    I'm trying to create a persistent ipset that is regularly backed up with a cron job. The problem I'm running into is testing whether or not the "ipset restore" restore file exists. Step 1 If the restore file doesn't exist, create the file: /path/LIST.sav with the following contents: create...
  9. J

    Juglar Parental Control, with Anti-Gaming Periodic Speed Limiting

    I share here the parental control that I have begun to use at home for my student siblings, in case it can be useful to any other person. It may also serve as more examples of iptables – ipsets and traffic control. It is based on the available Merlin’s parental controls, to which I’ve added...
  10. S

    The optimum way to use iptables and ipsets

    Started a general discussion thread so that everyone can pitch in with their opinions about the ways which using iptables and ipsets can benefit the end user.
  11. S

    :: ipBLOCKer :: Category blocking using iptables and ipsets

    Blocks IPs & CIDR's tagged as Adware Country Custom ETF Malware Shalla(exp) Spam Tor-Exits Current Version: 1.1 See ChangeLog1_1.txt on github or on post2 if upgrading from Version 1.0 :: Features :: - Command Line Driven with Menu Assist - Category based Blocking - Select Categories to Block...
  12. redhat27

    Yet another malware block script using ipset (v4 and v6)

    As if we don't have enough already :p Here is yet another malware blocking script that uses ipset (v4 and v6). So why put up another one? Over 650 Million unique IPs blocked Simpler (minimalist script with only 26 lines (which includes a couple of blank lines and comment lines) Quicker...
  13. D

    Using a script to populate an ipset set with DHCP addresses

    I'm trying to create a script that adds DHCP addresses to an IP set. 1) Determine the DHCP address range with the following values. nvram get dhcp_start = 192.168.1.2 nvram get dhcp_end = 192.168.1.4 2) Create a DHCP IP set called DHCP_CLI. ipset create DHCP_CLI bitmap:ip range 192.168.1.0/24...
  14. zmaster

    Custom firewall-start script for OpenVPN (country allow list)

    Hi guys, I've been a reader of this forum for quite some time and I have a RT-AC68U for almost 2.5 years now but flashed Merlin's firmware last week. My reason to flash was OpenVPN 2.4.x. My Synology was a bit behind and I don’t like services being exposed to the internet when they are not...
  15. swetoast

    Privacy Filter (Another IPSET Script)

    Hi Everyone, I'm back with another IPSET for your firewall this time around it's for blocking Telemetry and some Android Rootkit along with Shodan.io Scanners. For official installation instructions and more information please consult the wiki about the information. NOTE: for all users running...
  16. K

    Malware Filter / bad host IPSET

    Hello, I am trying to block outbound connects to known bad hosts from my LAN/Wireless. I am running the script located below and have the below firewall rules so it looks to be working. Anyone know what else to check? Running this script under the heading "Malware Filter"...
  17. Adamm

    Skynet Skynet - Router Firewall & Security Enhancements

    For support requests and questions please use the Github Issue Tracker where this script is actively maintained Skynet - Router Firewall & Security Enhancements Elevate your home network security with Skynet, a robust firewall and security tool meticulously crafted for ASUS routers running...