Trying to Block CCTV camera from talking to Chinese Servers - Firmware Version:386.01_2-gnuton1


frizby1966

New Around Here
Hi, hope someone can help. I am running DSL-AC68U with Firmware Version:386.01_2-gnuton1.

Everything works fine, however I am trying to stop a Chinese CCTV camera from logging onto a server in China and changing its time/date. I have tried using the blacklist option and, through Wireshark, can see the camera logging into a couple of IP addresses in China, so I have tried to block the camera talking to anything outside my LAN, and also talking to the servers and their IP ranges, but it still gets through. Any thoughts? (I have included a Wireshark screenshot and the Asus config.)

Screenshot 2021-03-26 at 11.31.15.png


Screenshot 2021-03-26 at 11.28.56.png
 

Mutzli

Very Senior Member
I have a similar situation with a LeTV TV. It phones home every few minutes. I use SkyNet's country block feature to cut off any communication with servers in China (115.182.94.238):
1616763775970.png


There are at least 10 servers that are regularly contacted and blocked.
 

ColinTaylor

Part of the Furniture
Why are you trying to block 244.0.0.0/24? That's local multicast traffic so you can't block that. What is your thinking behind this? Likewise, 239.255.255.1/24 is also local multicast so those rules are also redundant.

Why not just block all traffic from the camera to the internet? At the moment you're only blocking ports 1 to 10000 which will almost certainly be ineffective as most source ports will be >32767.
 

frizby1966

New Around Here
> Why are you trying to block 244.0.0.0/24? That's local multicast traffic so you can't block that. What is your thinking behind this? Likewise, 239.255.255.1/24 is also local multicast so those rules are also redundant.
>
> Why not just block all traffic from the camera to the internet? At the moment you're only blocking ports 1 to 10000 which will almost certainly be ineffective as most source ports will be >32767.

@itpp20 pointed me in the right direction. Dropped the other IP addresses and blocked the entire port range and sorted the issue. Didn’t realise the IP addresses were multicast at the time. All sorted.
 

GSpock

Senior Member
If you want a clean solution to your request, have a look here:

I have been using the IPCamsBlock.sh script from @Martineau and it is working very well and in fact was created exactly to answer this purpose.
 

ColinTaylor

Part of the Furniture
> @itpp20 pointed me in the right direction. Dropped the other IP addresses and blocked the entire port range and sorted the issue. Didn’t realise the IP addresses were multicast at the time. All sorted.

You don't need to explicitly enter 1-65535 as the source or destination ports. Just leaving them blank has the same effect.
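
An added example, not part of the thread and not ASUS firmware code: a simplified Python model of a deny rule with source and destination port ranges, run over constructed camera flows, showing why a source-port range of 1 to 10000 lets the traffic through while the full range or blank port fields stop it. The camera address 192.168.1.50, the LAN 192.168.1.0/24, the destination addresses and all port numbers are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

PortRange = Optional[Tuple[int, int]]  # None models a blank port field (any port)

@dataclass(frozen=True)
class Flow:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class DenyRule:
    src: str                    # camera address or CIDR
    sports: PortRange = None    # source-port range
    dst: str = "0.0.0.0/0"      # default: any destination
    dports: PortRange = None    # destination-port range

    def matches(self, f: Flow) -> bool:
        def in_range(port: int, rng: PortRange) -> bool:
            return rng is None or rng[0] <= port <= rng[1]
        return (ip_address(f.src) in ip_network(self.src, strict=False)
                and ip_address(f.dst) in ip_network(self.dst, strict=False)
                and in_range(f.sport, self.sports)
                and in_range(f.dport, self.dports))

def leaked(rules, flows, lan="192.168.1.0/24"):
    """Return the Internet-bound flows that no deny rule matches."""
    net = ip_network(lan)
    return [f for f in flows
            if ip_address(f.dst) not in net
            and not any(r.matches(f) for r in rules)]

CAMERA = "192.168.1.50"  # assumed camera address
# Constructed flows: ephemeral source ports, documentation-range destinations.
FLOWS = [
    Flow(CAMERA, 49812, "203.0.113.10", 123),
    Flow(CAMERA, 51344, "203.0.113.10", 8000),
    Flow(CAMERA, 38021, "198.51.100.7", 443),
    Flow(CAMERA, 40110, "192.168.1.1", 53),  # stays on the LAN, never a leak
]

NARROW = [DenyRule(CAMERA, sports=(1, 10000))]      # the rule that failed
FULL_RANGE = [DenyRule(CAMERA, sports=(1, 65535), dports=(1, 65535))]
BLANK = [DenyRule(CAMERA)]                          # port fields left empty
```

`leaked(NARROW, FLOWS)` returns all three Internet-bound flows because every source port is above 10000, while `FULL_RANGE` and `BLANK` both return an empty list.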
 
