I am following the guidance in this thread on vlans (http://www.snbforums.com/threads/fo...k-for-asus-merlin-rt-ac68u.18969/#post-143931) to accomplish the same goal: that is isolate the computers on port 4 on their own vlan that cannot access the other vlans except for the WAN gateway to the internet.
Hardware ASUS RT-N66; Merlin 380.63_2.
The result from robocfg show prior to any changes is:
When put the following in firewall-start and reboot the router, all wired access stops working. Wireless access is fine.
If I enter these commands manually via ssh, the wired network fails at
.
Any insights on where my mistake is at?
thanks
Brad
Hardware ASUS RT-N66; Merlin 380.63_2.
The result from robocfg show prior to any changes is:
Code:
admin@RT-N66R:/jffs/scripts# robocfg show
Switch: enabled gigabit
Port 0: 100FD enabled stp: none vlan: 2 jumbo: off mac: xxx
Port 1: 1000FD enabled stp: none vlan: 1 jumbo: off mac: cccc
Port 2: 1000FD enabled stp: none vlan: 1 jumbo: off mac: vvv
Port 3: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 4: 100FD enabled stp: none vlan: 1 jumbo: off mac: bbb
Port 8: 1000FD enabled stp: none vlan: 1 jumbo: off mac: nnn
VLANs: BCM53115 enabled mac_check mac_hash
1: vlan1: 1 2 3 4 8t
2: vlan2: 0 8u
Code:
#!/bin/sh
#
robocfg vlan 1 ports "1 2 3 8t"
robocfg vlan 10 ports "4 8t"
vconfig add eth0 10
ifconfig vlan10 up
brctl addif br0 vlan10
ebtables -t broute -I BROUTING -p IPv4 -i vlan10 --ip-dst 192.168.100.0/24 --ip-proto tcp -j DROP
ebtables -t filter -I FORWARD -i vlan10 -o ! eth0 -j DROP
ebtables -t filter -I FORWARD -i ! eth0 -o vlan10 -j DROP
Code:
brctl addif br0 vlan10
Any insights on where my mistake is at?
thanks
Brad
Last edited: