Menu
What's new
By:
Filters Better Search

iptables FORWARD and NSFW

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

F

frequenzy

Occasional Visitor
Hi,

Currently using Asus Merlin on AC68U. If I want to block a specific IP and port via iptables, should it be inserted on FORWARD or NSFW?

on FORWARD
iptables -I FORWARD -s 1.1.1.1/32 -i br0 -o vlan2 -p tcp -m tcp --dport 853 -j DROP

on NSFW
iptables -I NSFW -s 1.1.1.1/32 -i br0 -o vlan2 -p tcp -m tcp --dport 853 -j DROP

Also for the jffs/scrips, should I insert the line on nat-start or firewall-start?
 
Use FORWARD, INPUT or OUTPUT. NSFW is a chain used by the webui-managed Network Service Firewall, I don't recommend manually messing with it.

Anything changed in the filter table should go to firewall-start, and the mangle/nat tables should go in the nat-start script.
 
If your objective is to stop clients accessing Cloudflare's DoT servers then I suggest that you use the Network Services Filter as that will create the rules for you. As it stands your command won't work because you have specified 1.1.1.1 as the source address instead of the destination.
 
You must log in or register to reply here.

Similar threads

R
Script to detect backup wan and disable certain devices from internet access
Replies
0
Views
341
RandomUser777
R
R
One router, two segments desired.
Replies
4
Views
393
Rombo
R
GShlomi
Sharing my DualWan with port forwarding and DDNS experience
Replies
0
Views
146
GShlomi
GShlomi
H
Port Forwarding Over WireGuard Connection?
2
Replies
22
Views
2K
houmi
houmi
PaulA
Port isolation on RT-AX88U-Pro (router) w/ Merlin w/ Tagged internet ISP
Replies
1
Views
287
PaulA
PaulA
Similar threads
Thread starter Title Forum Replies Date
SkierInAvon Asus Merlin - iptables command (not working?) Asuswrt-Merlin 8
v.y.k iptables pkts & bytes numbers are too low on Merlin 3004.388 Asuswrt-Merlin 13
M iptables module rateest - loadbalancing split over Asuswrt-Merlin 0
A Entware iptables no chain/target/match and tcpdump problems Asuswrt-Merlin 3
Z wgclient-start with iptables nat rules after router reboot Asuswrt-Merlin 19
H Does VPN Director Use Routes or IPTables Rules To Route Clients Over a VPN Connection? Asuswrt-Merlin 5
H Does firewall-start Script Ever Run Twice With Same iptables Rules? Asuswrt-Merlin 13
L merlin default iptables. why are there strange logdrops for specific pattens and ips? Asuswrt-Merlin 3
NoBenefit Does my iptables looks normal? Asuswrt-Merlin 1
J Allowing just one device to subnet (iptables or Network Services Filter?) Asuswrt-Merlin 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 821 (members: 18, guests: 803)
Top