Search found 33 matches
| Author | Message |
|---|---|
 Topic: How to best lockdown router with iptables |
|
| inetquestion Replies: 1 Views: 39 |
 Forum: Advanced Networking Posted: Mon Jan 30, 2023 20:49 Subject: How to best lockdown router with iptables |
| Is there a list of FW rules which can be added to iptables to bolster security. Would like to lock it down much more than the check boxes provided within the gui.
Running version r51506 on linksys ... |
|
 |
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 198 |
Forum: Advanced Networking Posted: Mon Jan 30, 2023 1:42 Subject: [SOLVED]Firewall script present, but doesn't do anything |
| Out of curiosity, why is using ipset so much faster than adding rules through iptables? It's orders of magnitude faster. For ~10,000 addresses it took around 200-300 seconds to add them. Now it can ... | |
|
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 198 |
Forum: Advanced Networking Posted: Sun Jan 29, 2023 3:30 Subject: [SOLVED]Firewall script present, but doesn't do anything |
| Adding ipset command in the firewall script first fixed it. Didn't realize iptables did a verification to ensure that existed, but it makes sense now. :)
Thanks for the assistance! |
|
|
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 198 |
Forum: Advanced Networking Posted: Sun Jan 29, 2023 3:24 Subject: [SOLVED]Firewall script present, but doesn't do anything |
| The ipset list is created by an external process which updates every minute with new entries. Think I see what you mean...
A test showed I'm unable to issue the iptables command if the ipset part ... |
|
|
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 198 |
Forum: Advanced Networking Posted: Sat Jan 28, 2023 19:51 Subject: firewall script not applied after reboot. |
| Currnetly running version: v3.0-r51306
Linksys WRT3200ACM Many IPs were added to an ipset list named BLOCKED. This part is working. The part I'm confused about is why doesn't the rule below wh ... |
|
|
|
| Topic: [SOLVED]Firewall script present, but doesn't do anything |
|
| inetquestion Replies: 9 Views: 198 |
Forum: Advanced Networking Posted: Sat Jan 28, 2023 15:40 Subject: [SOLVED]Firewall script present, but doesn't do anything |
| Saved an entry in Administration>Commands>Firewall
[code] iptables -I FORWARD -m set --match-set BLOCKED src -j logdrop [/code] Verified the entry above was saved to /tmp/.rc_firewal ... |
|
|
|
| Topic: iptables - programmatically examine dropped IPs? |
|
| inetquestion Replies: 1 Views: 197 |
Forum: Advanced Networking Posted: Fri Oct 21, 2022 21:26 Subject: iptables - programmatically examine dropped IPs? |
| Existing process creates a logdrop entry for offending IPs in iptables. Would like to see how often blocked IPs gets dropped afterward.
Looked in /var/log/messages and see nothing related to dr ... |
|
|
|
| Topic: Enable/Disable Iptables rule via cron... |
|
| inetquestion Replies: 8 Views: 1137 |
Forum: Advanced Networking Posted: Fri Jan 28, 2022 18:41 Subject: iptables additions not taking affect when updated via cron |
| Curious if you figured this out. Doing something similar...
If my script is run manually, it makes iptables additions as expected. The script when run via cron is running and is executing the com ... |
|
|
|
| Topic: Host/network blocking based on IDS scan |
|
| inetquestion Replies: 0 Views: 1477 |
Forum: Advanced Networking Posted: Wed Jan 12, 2022 13:07 Subject: Host/network blocking based on IDS scan |
| Came across an old program (scalp) which scans access logs looking for regex of known security exploits... Thought it would be interesting to integrate this with dd-wrt/iptables to block source of at ... | |
|
|
| Topic: need help Setting QoS via command line (telnet or ssh) |
|
| inetquestion Replies: 12 Views: 8867 |
Forum: Advanced Networking Posted: Sat Oct 30, 2021 19:03 Subject: what was resolution? |
|
Curious, did you resolved the issue/question with QOS? I'm getting something similar with SSH accepting authentication and then hanging. Many of the threads on that topics are pointing to QOS re ... |
|
|
|
| Topic: TFTP upload script with menu - waits until host available |
|
| inetquestion Replies: 3 Views: 13007 |
Forum: Contributions Upload Posted: Mon Oct 11, 2021 13:28 Subject: TFTP upload script with menu - waits until host available |
| Wondered why the HOST was in the *config* section... smh | |
|
|
| Topic: TX Power on status page for wlan2 reports 0 dBm. |
|
| inetquestion Replies: 4 Views: 1460 |
Forum: Marvell MVEBU based Hardware (WRT1900AC etc.) Posted: Thu Jul 22, 2021 15:48 Subject: TX Power on status page for wlan2 reports 0 dBm. |
| Don't want to sound like a party pooper but it's been repeated 100's of times that WLAN2 is for Radar detection and should not be used as a regular AP. It does work but has no antennas and is very lim ... | |
|
|
| Topic: TX Power on status page for wlan2 reports 0 dBm. |
|
| inetquestion Replies: 4 Views: 1460 |
Forum: Marvell MVEBU based Hardware (WRT1900AC etc.) Posted: Thu Jul 08, 2021 23:24 Subject: TX Power on status page for wlan2 reports 0 dBm. |
| Title says it all...
Status=>Wireless->wlan2 Also occurs on the info page. Router: wrt3200acm Firmware: r47033 Yes, wlan2 is active and has clients connected to it. |
|
|
|
| Topic: Change DNSMasq options on the fly based on svr availability |
|
| inetquestion Replies: 2 Views: 642 |
Forum: Advanced Networking Posted: Tue Jul 06, 2021 22:54 Subject: Change DNSMasq options on the fly based on svr availability |
| Running piHole on another machine and put the following setting in dnsmasq to issue this server as the DNS server:
6,192.168.0.2 Occasionally piHole goes down and everything on the network is ... |
|
|
|
| Topic: TFTP upload script with menu - waits until host available |
|
| inetquestion Replies: 3 Views: 13007 |
Forum: Contributions Upload Posted: Mon Jun 28, 2021 15:49 Subject: TFTP upload script with menu - waits until host available |
| Choose image file to upload, then go. Script waits for target host to be available on network before attempting to upload file.
Used this on a Mac, should be portable across multiple *nix flavors. ... |
|
|
|
| All times are GMT |