zoggy
Occasional Visitor
Using an ASUS RT-AC66U with merlin firmware 380.64_2
I want to lock down a port (3306) so its LAN only, drop it if it comes from outside the network.
I can't find an easy way to do this via the gui.. I do have DMZ enabled and set for a device.
I have a firewall-start script ( https://github.com/RMerl/asuswrt-merlin/wiki/Using-ipset ), I added the relevant rules and it works.. just curious if there is a better way of doing this?
iptables -I INPUT -p tcp --dport 3306 -s 192.168.0.0/24 -j ACCEPT
iptables -I INPUT -p tcp --dport 3306 -s 127.0.0.0/8 -j ACCEPT
iptables -I INPUT -p tcp --dport 3306 -j DROP
I want to lock down a port (3306) so its LAN only, drop it if it comes from outside the network.
I can't find an easy way to do this via the gui.. I do have DMZ enabled and set for a device.
I have a firewall-start script ( https://github.com/RMerl/asuswrt-merlin/wiki/Using-ipset ), I added the relevant rules and it works.. just curious if there is a better way of doing this?
iptables -I INPUT -p tcp --dport 3306 -s 192.168.0.0/24 -j ACCEPT
iptables -I INPUT -p tcp --dport 3306 -s 127.0.0.0/8 -j ACCEPT
iptables -I INPUT -p tcp --dport 3306 -j DROP
Last edited: