What's new

A way to drop TCP RST packets on Merlin firmware?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

sanke1

Senior Member
Is there a script which will drop or ignore TCP RST packets because most ISPs here block random websites arbitrarily without court orders. For example m.telegram.com or mega.nz. They are legit sites but they are blocked by ISP's transparent proxy which intercepts my queries, adds TCP RST packet and sends them back to me. I get Peer Reset Error. There are few softwares on Widnows which drop TCP RST packets and make all websites accessible, however, I am wondering if this is something that can be done on router level as well?
 
Something like this in a firewall-start script?
Code:
iptables -I FORWARD -i $(nvram get wan0_ifname) -p tcp -m tcp --tcp-flags RST RST -j DROP

I'd wonder whether this might cause problems for you in the long run. If you're dropping all RST packets including legitimate ones then I suppose it's possible that your router or PC might become incapable of creating new connections.
 
Last edited:
  • Like
Reactions: ika

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top