Access restrictions: What am I missing?

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
tld
DD-WRT Novice


Joined: 26 Nov 2016
Posts: 11

PostPosted: Mon Jan 01, 2018 18:56    Post subject: Access restrictions: What am I missing? Reply with quote
I'm trying to use the access restrictions to block my LG TV from being able to update the firmware, by blocking the three sites mentioned here:

https://github.com/joey-astrologo/OLED55-65B6-Downgrade

It doesn't seem to be working at all, and I'm lost as to what I'm missing. Here's what I've done:

a) I enabled policy 1 and titled it "LG Updates".

b) I clicked Edit List of Clients and use the MAC address section to enter the MAC address of the TV (this is all I should need correct?).

c) I choose the "Filter" option.

d) I left it set to every day and 24 hours.

e) I entered the three domain name (snu.lge.com, lgtvonline.lge.com, su.lge.com) under Website Blocking by URL Address, and applied.

This simply doesn't appear to be working. Am I missing something there?

EDIT: Meant to mention that I'm running 10-20-2017-r33555 on a Linksys WRT1900ACS.

Thanks!
Tom
Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Mon Jan 01, 2018 19:35    Post subject: Reply with quote
2 ways to go

1. block those sites via DNSmasq commands
add those lines on additional DNSmasq option

address=/snu.lge.com/0.0.0.0
address=/lgtvonline.lge.com/0.0.0.0
address=/su.lge.com/0.0.0.0

or

2.block them via iptables - just add those lines on administration>commands and click save firewall

iptables -I FORWARD -s 136.166.4.110 -j DROP
iptables -I FORWARD -s 63.123.46.16 -j DROP
iptables -I FORWARD -s 96.17.177.24 -j DROP
iptables -I FORWARD -s 96.17.177.9 -j DROP

you can do both if you'd need

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
tld
DD-WRT Novice


Joined: 26 Nov 2016
Posts: 11

PostPosted: Mon Jan 01, 2018 19:59    Post subject: Reply with quote
Awesome beyond words! The DNSmasq option works perfectly for me. I was leery of trying to use iptables as those domains tend to be aliases to Akamai etc, and the IPs might even change.

Thanks!
Tom
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum