iptables

  1. G

    iptables entries not run from openvpn-event on reboot

    I'm running version 384.17 of Asuswrt-Merlin on an RT-AC66U_B1, I have an openvpn-event script in /jffs/scripts that uses a template that calls a vpnserver1-up and vpnserver1-down script. These up and down scripts contain custom rules I add to the iptables, the first and most important being the...
  2. HELLO_wORLD

    aegis: a firewall blocklist

    aegis is the successor of firewall-blocklist: https://www.snbforums.com/threads/r7800-r9000-probably-others-blocklist-based-firewall-addon.63241/ It starts with version 1.0.0, but is more recent than latest firewall-blocklist aegis A firewall blocklist script for Netgear R7800 and R9000 Routers...
  3. E

    AsusWRT Merlin iptables

    Hello there! I have several (smarthome) devices that phone home while that is not necessary due to local integration. To block devices from accessing the internet I usually use the 'Block Internet Access' function in the GUI. It seems this function uses DROP to block access. The smarthome...
  4. solstyce

    how to debug an iptable problem?

    I'm an iptables savage - I know just enough to know how thoroughly I could ruin my network configuration, and could use some help. I've tried to wrap my head around iptables several times over the years, and each time stagger away with a headache. I've run into a problem where my AC68U drops...
  5. amplatfus

    [SOLVED] Firewalling Samba for one manually assigned IP

    Hi all, I am trying to restrict access to router external USB storage with SAMBA active. I tried using below rules in firewall, but nothing worked. Could you please provide some things to try? iptables -A FORWARD -s 172.16.0.242 -d 172.16.0.1 -p tcp --sport 137:139 -j DROP iptables -A FORWARD...
  6. HELLO_wORLD

    [R7800] warnings with iptables

    Hello to all, Several R7800 users (maybe other models too) noticed some warnings when restarting the firewall. It does not seem to affect the router functionality, but since a good chunk of people here, are working to make this router better, it would be nice to go to the bottom of these...
  7. HELLO_wORLD

    [R7800, R9000 & probably others] Blocklist based Firewall addon

    DEPRECATED Now use aegis: https://www.snbforums.com/threads/aegis-a-firewall-blocklist.64128/ I made a blocklist based firewall addon for myself, and I improved it to share it here as it can interest others. Firewall Blocklist Firewall blocklist script for Netgear R7800 and R9000 Routers...
  8. N

    Anybody able to get NoDogSplash working?

    I'm trying to build NoDogSplash on AsusWrt Merlin 384.14. Compile is fine, configuration also ok. But when I start nodogsplash, it complains that iptables version is too low. It requires 1.4.17, and AsusWrt Merlin using iptables 1.4.15. Manually lower requirement to v1.4.15 cause error like...
  9. ihoman202

    Need Help Resetting IPSet / IPTables

    I have ASUS Merlin on an ASUS RT-AC68U on the latest firmware as of this post it's 384.13 and decided to try the Asus Merlin SkyNet Project but it made things really bizarre really quickly - My Family uses Charter / Spectrum and I use a Verizon Modem on my own ASUS routers - regardless both of...
  10. F

    Question regarding haproxy and iptables

    I've installed haproxy via entware so that I can tunnel both openvpn (running on router) and a separate locally hosted https server through port 443 of my router. I need to tunnel openvpn over port 443 because some WiFis block access to non standard ports and I need https over 443 so that the...
  11. P

    [R9000] iptables / dns redirect issue

    Hello, I've been having a weird issue that I've been unable to solve and could use some help. I'm running an R9000 with Voxel's latest firmware. I also have a Raspberry Pi on the network serving DNS over Cloudflared DoH (DNS over HTTPS). The R9000 IPv4 DNS is set to 10.0.0.247 (the Pi) without...
  12. macster2075

    Iptables help

    Hi.. Is there an iptable or script I can use to block a specific device (IP) from accessing a specific website?
  13. A

    Trouble Setting Up iptables

    Hello everyone, I need some help setting up iptables. I've followed this guide: https://torguard.net/knowledgebase.php?action=displayarticle&catid=60&id=165 I'm currently running the latest Merlin on a RT-AC68R and have setup OpenVPN using this guide...
  14. P

    Why my iptables LOG rule doesn't get applied for local traffic?

    I have the following rule to log traffic (for wake on LAN purposes) iptables -I FORWARD -d 192.168.1.X -p tcp --dport 7000:8332 -m state --state NEW -j LOG --log-prefix "[2WAKE] XX:XX:XX:XX:XX:XX" which does work for traffic from WAN that gets to my local network (through opened ports) but...
  15. N

    [SOLVED] Doubt about custom iptables script

    Greetings, My problem: I have a Chromecast and recently some people found a way to abuse them since they open several ports to the outside. Google's answer to that was "the chromecast is working correctly, the problem is that your router is misconfigured, you need to disable upnp and the...
  16. P

    OpenVPN automatic firewall rules (iptables)

    After upgrading to 384.10_2 recently, I took a look at the automatic firewall rules created for OpenVPN server. The short script on my router looks like this. #!/bin/sh iptables -t nat -I PREROUTING -p udp --dport 1194 -j ACCEPT iptables -I INPUT -p udp --dport 1194 -j ACCEPT iptables -I OVPN...
  17. M

    Reroute dropped packets

    Packets to be dropped seem to end in filter INPUT to be discarded by the default drop rule, how to redirect them to a LAN ip to act as a catchall? Could save some trouble every time a service changes ports, it's an outwards facing box anyway so receiving unwanted traffic is no problem, or to run...
  18. T

    Allow LAN IP Through WAN

    I have the RT-AC88 running 384.7_2 with Skynet 6.6.4 in the following configuration; ISP Modem --> ASA5506W --> (WAN)ASUS ASA - Using WiFi for some nodes including TV's to bypass ASUS when I'm testing new settings ASUS - Used for OpenVPN, Network Printers, PLEX and NAS with Transmission...
  19. GHammer

    (Solved) iptables Entry Not Applied 86U 384.8

    I am trying to get traffic from one device to be available at a second device so I can sniff for certain packets. The traffic from the first device still needs to continue, not just be forwarded to the second device. I believe these are the iptables entries I need to do this. However, entering...
  20. W

    route certain domains through client vpn

    Is there a way to route certain domains through a client vpn? I have been using Asus Merlin's build for a few months now. I moved from TomatoUSB to here. There is no going back. The only thing missing is to route domain names. With the use of cloudflare and others you can't rely and ip...