iptables

I use my router as SSH proxy with up to 15 connections from the same IP at a time. That triggers a bruteforce protection hitcount. I don't want to disable a bruteforce protection completely. What would be the best way to increase hitcount number?

Hello everyone... My googlefu has grown weak and I can't find the answer Im looking for :( Running 380.69_2 on a RT-N66U. Have 'iptables -I FORWARD -s x.x.x.x -j DROP' saved in firewall-start and shows as a valid rule running iptables -L Question is. Is there a way to log every time this IP...

Hi, I am running ASUS Firmware 3.0.0.4.384_20308 I am using "iptables -I FORWARD 8 -i br0 -j logaccept" as suggested in this discussion. It logs all the outgoing connections. Ex. Feb 10 17:01:49 kernel: ACCEPT IN=br0 OUT=eth0 SRC=192.168.2.243 DST=208.67.222.222 LEN=57 TOS=0x00 PREC=0x00...

I have setup an OpenVPN server on my RT-AC66U_B1 running Asuswrt-Merlin v380.69. Thanks in part to the script found here https://www.snbforums.com/threads/how-to-set-a-static-ip-to-openvpn-tun-clients.37983/#post-315194 I have the clients working with static IP's when they connect. My next...

I have a computer on my local LAN that I wish to only be able to make DNS queries and OpenVPN connections to the outside world, everything else should be dropped. In other words, if it's VPN connection goes down, I want it cut off. But I'm not sure how to do this... I thought this would work...

Hi All, RE: Could someone please explain the specific steps, and what code i need to add/change in asuswrt-merlin, in order to use iptables or another approach to increase my stock firewall 32 rule limit. I am a newbie regarding the use of asuswrt-merlin. I have the stock asuswrt firmware...

I have been able to download openvpn software on desktops and phones, and all successfully run through the ac88u as a server. What I cannot figure out is how to run the router so that all devices can connect to it as clients of the openvpn. So for example, items such as smart tv's and fire tv...

Recently I've known about such util as psad which serves for analyzing iptables logs and detection/prevention of intrusions and suspicious activity in realtime. Is it worth it to install it locally on router as an security solution and have anybody ever had such experience? Just out of...

Hello everyone! Here is my environment. AsusWRT-Merlin FW 380.67 on Asus RT-AC88U OpenVPN Client setup on my router using AirVPN OpenVPN Server enabled on my router with 10.8.0.0/24 Internal home LAN with 192.168.x.x/24 I have a FreeNAS server running multiple jails 192.168.1.26 =...

So I telnet to my router and enter my iptables commands: iptables -I FORWARD -o eth0 -m state --state NEW -j DROP iptables -I FORWARD -o eth0 -d x.x.x.x/24 -m state --state NEW -j ACCEPT iptables -A INPUT -s y.y.y.y -j DROP iptables -A OUTPUT -d y.y.y.y -j DROP Works fine, but those rules will...

What are these iptables rules -j names for ? PTCSRVLAN PTCSRVWAN ipttolan iptfromlan

If you install the Asuswrt-Merlin firmware, wiping out any previous configuration, where are the default iptables rules stored ? Is there any configuration in the WebGUI that will add/modify/delete iptables rules ?

I've got a quick technical question that I am sure could be easily answered by someone with moderate experience using iptables. I've literally spent about 8 hours searching, reading, and experimenting to try to figure this out, but I have had no luck so far. Background Info: I am running an...

I found out that Spotify no longer works on any of my devices. Searching the forum I found this and crawling the rest of the internet if found this. From what I've understand, I should withlist the CIDR's below and open port 4070 for in- and outbound TCP traffic (please do correct me if I'm...

I know just enough to accidentally do very terrible things to my system, but I follow directions very well. :D I have an Asus RT-AC68U router flashed to merlin firmware version RT-AC68U_380.66_4 I want to insert an iptables script to automatically set the TTL value to 65 for all connected...

I have had some custom rules in place for the last 2 years (white list sets) that has worked perfectly with my old N66U. However, getting a new AC68U and upgrading to the latest Merlin v380.66_4 I noticed that my scripts no longer work. Most likely due to an updated updated kernel and new...

I share here the parental control that I have begun to use at home for my student siblings, in case it can be useful to any other person. It may also serve as more examples of iptables – ipsets and traffic control. It is based on the available Merlin’s parental controls, to which I’ve added...

Hi: I'm beginning to learn something about the iptables to develop a simple parental control. Experimenting, I've found the following for me unexplainable behaviour: From my Android mobile in the wireless WIFI LAN at 192.168.1.9, with Dolphin Browser, I try to visit a web page (for instance...

Here Is my Scenario : REFS: ROUTER1------------ -IS A ROUTER/MODEM combo. and connects to internet through Isp phone line. Does not support dd-wrt firmware, so the need for second router ROUTER2..............just router only, connects to the wan port of Router1 to get to internet, Flashed...

Started a general discussion thread so that everyone can pitch in with their opinions about the ways which using iptables and ipsets can benefit the end user.