What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Where are the default iptables stored ?

Status
Not open for further replies.
D

Denna

Senior Member
If you install the Asuswrt-Merlin firmware, wiping out any previous configuration, where are the default iptables rules stored ?

Is there any configuration in the WebGUI that will add/modify/delete iptables rules ?
 
There are no "default rules", everything is configured by the firmware code.
 
Denna said:
Is there any configuration in the WebGUI that will add/modify/delete iptables rules ?
Click to expand...

They're in the firmware, but those are in the realm of the 3rd rail - touch them in the firmware, and you'll die.

There is a mechanism to extend them via scripts - there's plenty of posts/threads on how to do this...
 
Hard to believe these comments have lasted so long as I have had to begin the same journey. First, Merlinwrt is the firmware which is an embedded linux system, get over it.

The rules are built by shell scripts computing and issuing iptables commands, so there is no passive and declarative file, just the /jffs/scripts/firewall-start script doing its thing to kickoff the entire nearly incomprehensible process.

The convention to add your own rules or override the defaults is to put your iptables commands at the end of /jffs/scripts/firewall-start or possibly create /jffs/scripts/nat-start and make it executable for nat rules. When the router boots or the services restart those scripts will run.
 
CornfieldWin said:
Hard to believe these comments have lasted so long as I have had to begin the same journey. First, Merlinwrt is the firmware which is an embedded linux system, get over it.

The rules are built by shell scripts computing and issuing iptables commands, so there is no passive and declarative file, just the /jffs/scripts/firewall-start script doing its thing to kickoff the entire nearly incomprehensible process.

The convention to add your own rules or override the defaults is to put your iptables commands at the end of /jffs/scripts/firewall-start or possibly create /jffs/scripts/nat-start and make it executable for nat rules. When the router boots or the services restart those scripts will run.
Click to expand...
Why are you replying to a post that's over eight years old?

Your answer is also incorrect. The non-custom rules are not built by those user shell scripts but rather they are generated by the firmware code as previously stated by the developer.
 
Last edited:
1757944939898.png
 
Status
Not open for further replies.

Similar threads

S
Firewall rule to block firmware updates
Replies
5
Views
802
JGrana
JGrana
D
Entware [AX86U Merlin 3004.388.9_2] Disabling Firewall in WebUI allows Transmission to open the famous closed port, but WebUI Port Forwarding does not.
Replies
1
Views
532
dave14305
dave14305
A
"Add a Network" not working on RT-BE86U
Replies
6
Views
415
bennor
B
GWTechTalk
ASUS Merlin Scripting & T-Mobile
Replies
0
Views
414
GWTechTalk
GWTechTalk
U
Need Help Setting Up 3 VLANs (Home, Guest, IoT) on ASUSWRT-Merlin (RT-AC86U)
Replies
10
Views
2K
CornfieldWin
C
Similar threads
Thread starter Title Forum Replies Date
L Speed issue, where to start Asuswrt-Merlin 23
R Guest Network Pro in FW 3006 - different default DNS Server than in FW 3004? Asuswrt-Merlin 5
Z Change VPN Director to default enabled Asuswrt-Merlin 6
M Solved 2,4G gone after changing SSID from default one Asuswrt-Merlin 12
C Is changing Iptables in Asuswrt-Merlin considered acceptable network management practice? Asuswrt-Merlin 11
M A Question re blocking IPs via iptables and aiprotect Asuswrt-Merlin 6
R Iptables functionality on 3006.102.4 Asuswrt-Merlin 15
L iptables script by NAT-START not effective after WAN changed? Asuswrt-Merlin 2
M How to build iptables extensions Asuswrt-Merlin 3
J RT-AC88U drops the OpenVPN inbound ACCEPT iptables rule after a time Asuswrt-Merlin 14

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,031 (members: 13, guests: 1,018)
Back
Top