1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

How to entirely block certain external IP ?

Discussion in 'Asuswrt-Merlin' started by RejZoR, Mar 14, 2018.

  1. RejZoR

    RejZoR Occasional Visitor

    Joined:
    Jun 25, 2017
    Messages:
    34
    I'm using Merlin 384.4 Beta3 and I keep getting access reports from AiProtection Two Way IPS from same IP's. How can I set router to just straight block ANY connections to me from those IP's? Where can I do that in router settings?

    Thx
     
  2. skeal

    skeal Part of the Furniture

    Joined:
    Apr 30, 2016
    Messages:
    2,122
    Location:
    /etc
    Install AMTM by ssh and from there install Skynet. In Skynet you can block any ip you want....;)
     
    SMS786 and PDinDetroit like this.
  3. PDinDetroit

    PDinDetroit Regular Contributor

    Joined:
    Dec 14, 2017
    Messages:
    50
  4. RejZoR

    RejZoR Occasional Visitor

    Joined:
    Jun 25, 2017
    Messages:
    34
    Lets say I'm not in the mood of installing anything extra on it. What can I do with router as it is with Merlin firmware? No setting within Firewall that can do this or some other existing module?
     
  5. skeal

    skeal Part of the Furniture

    Joined:
    Apr 30, 2016
    Messages:
    2,122
    Location:
    /etc
    Not that I'm aware of. You could use keyword filtering which is native to the firmware.
     
  6. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    6,977
    Location:
    UK
    You don't need to do anything, the router blocks all unsolicited incoming connections by default. The only thing that has changed is that AiProtection is giving you more information than before.

    https://www.snbforums.com/threads/trend-micro-two-way-ips-hits.43207/#post-381333

    You could create a firewall-start script if you wanted, but you'd really just be duplicating the existing firewall rules.
     
  7. DonnyJohnny

    DonnyJohnny Very Senior Member

    Joined:
    Dec 17, 2017
    Messages:
    649
    I think ai protection come first then followed by ipset blocked by Skynet.
    I tested blacklist ip from those i got from ai protection, it was stopped at ai protection and Skynet log didn’t pick up those IP address.

    Just don’t open unnecessary service to the internet, you will be fine. All internet noise are dropped by default.