Mistermoonlight
Regular Contributor
Ok i am using latest merlin firmware 3.0.0.4.270.24.
There is a big problem with the parental control logic.
1- Create a rule in firewall Network Services Filter while parental control is OFF: for example block tcp dest 80 to dest 179.*.*.* (google server) for any source ip on the lan (ex 192.168.1.*). The filtering is working correctly when the rules is active.
2- Create a parental control setup for a specific mac address on your network with a time schedule for this mac address to have internet access. The Parental control for this mac appears to follow the defined schedule correctly and blocks the access accoring to the schedule (when there is no rule defined at step 1).
3- While the parental control is active from item 2 above, the previous firewall filtering rule (at step 1) is not working anymore for the other mac device on the network.
By looking through a telnet session the iptables generated before step 2 above and after step 2, we can see that the filtering rule from step 1 has been moved from chain FORWARD to chain PControls.
I guess this bug is also there in original asus firmware, but did not tried it.
This make the use of both features at the same time problematic
There is a big problem with the parental control logic.
1- Create a rule in firewall Network Services Filter while parental control is OFF: for example block tcp dest 80 to dest 179.*.*.* (google server) for any source ip on the lan (ex 192.168.1.*). The filtering is working correctly when the rules is active.
2- Create a parental control setup for a specific mac address on your network with a time schedule for this mac address to have internet access. The Parental control for this mac appears to follow the defined schedule correctly and blocks the access accoring to the schedule (when there is no rule defined at step 1).
3- While the parental control is active from item 2 above, the previous firewall filtering rule (at step 1) is not working anymore for the other mac device on the network.
By looking through a telnet session the iptables generated before step 2 above and after step 2, we can see that the filtering rule from step 1 has been moved from chain FORWARD to chain PControls.
I guess this bug is also there in original asus firmware, but did not tried it.
This make the use of both features at the same time problematic