Question about iptables firewall command

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Author Message
FlashGordon649
DD-WRT Novice


Joined: 25 May 2019
Posts: 6

PostPosted: Sat May 25, 2019 1:13    Post subject: Question about iptables firewall command Reply with quote
I am using firewall commands that I found on a forum to ensure that all traffic passing through my router is being sent out over OpenVPN. It seems to work okay after some testing. In my firewall rules there are 5 iptable commands, one per line. I understand the first three lines but not the fourth and fifth lines. They are as follows:

Code:
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I FORWARD -i br0 -o vlan2 -j DROP
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE


I have read the iptables man page and I believe I understand the first 3 commands. The first command I believe forwards all traffic from br0 to tun0 and the second command does the same thing in reverse. This should ensure all traffic goes out over the VPN assuming br0 is my ethernet ports and wifi connections. The third command seems to DROP or reject any traffic from br0 to vlan2 assuming vlan2 is my WAN. This should prevent any traffic from accidentally going out using my real ip address.

I do not understand line 4 and 5. It looks like 4 is rejecting input from tun0, but I don't really know what that means or why it keeps me safe. As for line 5, it seems like MASQUERADE has something to do with ip spoofing using the nat table, but I cannot understand really what is happening here or why it also keeps me safe. Can someone explain these two commands to me in terms I can understand? There is only so much I can understand from the syntax.
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Sat May 25, 2019 1:36    Post subject: Reply with quote
Let's first establish the context here.

I assume you're using the OpenVPN client GUI. And if you are, the OpenVPN client GUI provides all the necessary firewall rules you need to make it operational. It's all done automatically, under the covers. In addition, by default, it uses the network interface name of "tun1", and uses that name to configure its firewall rules. But if you overrode that in Additional Config w/ "tun0", then you've broken the auto-generated firewall rules, thus requiring the need to create your own.

Why would you do that?

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Sat May 25, 2019 1:53    Post subject: Reply with quote
P.S. If you want to be assured that nobody on any local network is able to ever use the WAN, all you need (after getting rid of all those other firewall rules and tun0 in Additional Config) is the following.

Code:
WAN_IF="$(ip route | awk '/^default/{print $NF}')"
iptables -I FORWARD -i br+ -o $WAN_IF -j REJECT

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
SurprisedItWorks
DD-WRT User


Joined: 04 Aug 2018
Posts: 370
Location: Appalachian mountains, USA

PostPosted: Sat May 25, 2019 16:13    Post subject: Reply with quote
eibgrad, is your post of two years ago recommending tun0 and some explicit firewall rules to prevent inbound new connections over the vpn no longer relevant? See https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=307445

I have your scheme of that post implemented in my router, just in case, though I admit I haven't established with testing that I actually need it (with NordVPN). I wasn't crystal clear on how to do that testing.

_________________
Six of the Linksys WRT1900ACSv2 on r38159, r40009, and r40784. On various:
VLANs, client-mode travel router, two DNSCrypt servers (incl Quad9), multiple VAPs, USB/NAS, QoS, OpenVPN client/PBR (random NordVPN server).
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Sun May 26, 2019 2:47    Post subject: Reply with quote
SurprisedItWorks wrote:
eibgrad, is your post of two years ago recommending tun0 and some explicit firewall rules to prevent inbound new connections over the vpn no longer relevant? See https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=307445

I have your scheme of that post implemented in my router, just in case, though I admit I haven't established with testing that I actually need it (with NordVPN). I wasn't crystal clear on how to do that testing.


It's still relevant. And unfortunately it looks like it's going to remain that way for the forseeable future.

https://svn.dd-wrt.com/ticket/6332

However, FreshTomato and Merlin (both which have this same flaw) will have this fixed in their respective next releases.

https://www.linksysinfo.org/index.php?threads/openvpn-client-security-enhancement.74549/
https://www.snbforums.com/threads/openvpn-client-security-enhancement.56328/

Now if we could just get dd-wrt on-board, we could do away w/ that fixup of mine.

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
FlashGordon649
DD-WRT Novice


Joined: 25 May 2019
Posts: 6

PostPosted: Sun May 26, 2019 6:45    Post subject: Reply with quote
eibgrad wrote:
Let's first establish the context here.

I assume you're using the OpenVPN client GUI. And if you are, the OpenVPN client GUI provides all the necessary firewall rules you need to make it operational. It's all done automatically, under the covers. In addition, by default, it uses the network interface name of "tun1", and uses that name to configure its firewall rules. But if you overrode that in Additional Config w/ "tun0", then you've broken the auto-generated firewall rules, thus requiring the need to create your own.

Why would you do that?


I setup the OpenVPN client using the GUI provided in DD-WRT v3.0-r37015M kongac. I did not override tun1 in the additional config. My additional config is as follows:

Code:
tls-client
remote-cert-tls server
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping-timer-rem
reneg-sec 0


I did not know that OpenVPN used dev tun1, thank you for telling me. Why can't I just change tun0 to tun1 in the iptable commands I showed you? Are you saying that using those iptable commands overrides the OpenVPN firewall settings? Why is the firewall command you showed me better than what I have? I still want to know what the commands are doing so I can know why they are good or bad.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Sun May 26, 2019 11:53    Post subject: Reply with quote
Once you start overriding things, that's when mistakes happen. Esp. if you don't know why you're doing it. I see many ppl add firewall rules or dump things into Additional Config which then breaks the OpenVPN client. At least when first trying to get the connection established, resist the temptation to add *anything* beyond the basic GUI elements. In your case, most of what you specified in Additional Config is already in the OpenVPN config file generated by the router. Once the OpenVPN client is enabled, you can go to a shell (telnet/ssh) and examine the config file to see for yourself.

Code:
cat /tmp/openvpncl/openvpn.conf


Once things are working, you can fiddle with firewall rules and additional directives all you like. But then you're on your own. And if things break, you always have a working config to return back to.

As far as the rules you specified, as I said, by default, the router uses tun1 as the network interface. So adding firewall rules based on tun0 is not going to be effective. You would minimally have to override the use of tun1 by adding the following to Additional Config.

Code:
dev tun0


But this is pointless, and needlessly requires you to add your own firewall rules. And that assumes you understand all those rules, which you specifically indicated was NOT the case in your opening post.

There's also a subtle problem in simply changing your own firewall rules to use tun1.

The router uses the OpenVPN scripting engine to install its own firewall rules, specifically using the route-up directive and a special script called by OpenVPN at the correct time in the connection process. As such, the router *always* gets the last say in how the firewall wall is configured. As a result, if you add your own firewall rules to the firewall script, they will have NO EFFECT because those firewall rules are added FIRST, then the router via its own scripting in OpenVPN places its own firewall rules ahead of yours!

Again, that's the problem w/ messing around w/ your own firewall rules and changes to Additional Config. We tell ppl to NOT do this for good reasons. You can easily break things because of issues like the above.

That's not to say you can't supplement the router's firewall rules when appropriate. For example, if you want to add a kill switch.

Code:
# block all access to WAN by clients behind router
WAN_IF="$(ip route | awk '/^default/{print $NF}')"
iptables -I FORWARD -o $WAN_IF -j REJECT


In summary, avoid messing w/ your own firewall rules and additions to Additional Config, at least until you get it working. Then if you have specific questions or needs beyond what the default configuration is able to provide, we'll be happy to discuss it.

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
FlashGordon649
DD-WRT Novice


Joined: 25 May 2019
Posts: 6

PostPosted: Sun May 26, 2019 20:11    Post subject: Reply with quote
eibgrad wrote:
Once you start overriding things, that's when mistakes happen. Esp. if you don't know why you're doing it. I see many ppl add firewall rules or dump things into Additional Config which then breaks the OpenVPN client. At least when first trying to get the connection established, resist the temptation to add *anything* beyond the basic GUI elements. In your case, most of what you specified in Additional Config is already in the OpenVPN config file generated by the router. Once the OpenVPN client is enabled, you can go to a shell (telnet/ssh) and examine the config file to see for yourself.

Code:
cat /tmp/openvpncl/openvpn.conf


Once things are working, you can fiddle with firewall rules and additional directives all you like. But then you're on your own. And if things break, you always have a working config to return back to.

As far as the rules you specified, as I said, by default, the router uses tun1 as the network interface. So adding firewall rules based on tun0 is not going to be effective. You would minimally have to override the use of tun1 by adding the following to Additional Config.

Code:
dev tun0


But this is pointless, and needlessly requires you to add your own firewall rules. And that assumes you understand all those rules, which you specifically indicated was NOT the case in your opening post.

There's also a subtle problem in simply changing your own firewall rules to use tun1.

The router uses the OpenVPN scripting engine to install its own firewall rules, specifically using the route-up directive and a special script called by OpenVPN at the correct time in the connection process. As such, the router *always* gets the last say in how the firewall wall is configured. As a result, if you add your own firewall rules to the firewall script, they will have NO EFFECT because those firewall rules are added FIRST, then the router via its own scripting in OpenVPN places its own firewall rules ahead of yours!

Again, that's the problem w/ messing around w/ your own firewall rules and changes to Additional Config. We tell ppl to NOT do this for good reasons. You can easily break things because of issues like the above.

That's not to say you can't supplement the router's firewall rules when appropriate. For example, if you want to add a kill switch.

Code:
# block all access to WAN by clients behind router
WAN_IF="$(ip route | awk '/^default/{print $NF}')"
iptables -I FORWARD -o $WAN_IF -j REJECT


In summary, avoid messing w/ your own firewall rules and additions to Additional Config, at least until you get it working. Then if you have specific questions or needs beyond what the default configuration is able to provide, we'll be happy to discuss it.


In accordance with your advice, I have deleted all my custom firewall rules and replaced them with the kill switch you provided. I also deleted the additional config lines from my OpenVPN GUI client. After rebooting the router from the Administration tab, the VPN is working fine. I then added the letter "a" to the remote ip of the OpenVPN client to test the kill switch. After applying changes, I was unable to access the internet so it appears the kill switch is working. I removed the "a" from the remote ip, applied changes and the VPN is working fine and showing the correct ip address when using an ip lookup tool.

Next I used the cat command you provided to view the OpenVPN config. It contains the following:

Code:
ca /tmp/openvpncl/ca.crt
management 127.0.0.1 16
management-log-cache 100
verb 3
mute 3
syslog
writepid /var/run/openvpncl.pid
client
resolv-retry infinite
nobind
persist-key
persist-tun
script-security 2
dev tun1
proto udp4
cipher aes-256-cbc
auth sha512
auth-user-pass /tmp/openvpncl/credentials
remote *.*.*.* 1194
comp-lzo no
tun-mtu 1500
mtu-disc yes
fast-io


Like you said, it already contains by default some of the additional config lines recommended by my VPN provider that I had specified before. Now that I have deleted my additional config, I can tell which ones aren't there by default. The following additional config lines recommended by my provider are not in the config file by default:

Code:
tls-client
remote-cert-tls server
remote-random
tun-mtu-extra 32
mssfix 1450
ping-timer-rem
reneg-sec 0


Should I put these lines back in? If I shouldn't, why not?
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Sun May 26, 2019 20:37    Post subject: Reply with quote
Personally, I would leave things as they are. Many times the VPN provider suggests things that aren't really necessary, or even make sense in some cases. And sometimes things are not as they seem to appear.

Quote:
--client
A helper directive designed to simplify the configuration of OpenVPN's client mode. This directive is equivalent to:

pull
tls-client


The above is a direct pull from the OpenVPN documentation (something I recommend everyone should read to better understand what all these directives actually do). In the case of the client directive, that's just a help directive that results in the generation of the pull and tls-client directives. So the fact you don't see "pull" and "tls-client" in the router's config file, but instead "client", doesn't mean you need to add "pull" and/or "tls-client".

Or consider the remote-random directive. That's only relevant if you are specifying more than one remote directive in the config file. By default, the GUI only provides the ability to specify one remote (i.e., Server IP/Name). But you can add remote directives in Additional Config so the OpenVPN client has more server options than simply the one and only remote specified in the GUI.

Once you do, the remote-random directive makes sense; it scrambles the list of servers for load balancing purposes. Personally, I prefer to NOT use this directive and use the default; sequentially run through the servers as specified in the config file.

I'm not going to run through all the rest of the directives, but as I said, you can research these yourself using the OpenVPN documentation. It will take some time and effort, but it's well worth it to understand how OpenVPN actually works.

https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
FlashGordon649
DD-WRT Novice


Joined: 25 May 2019
Posts: 6

PostPosted: Sun May 26, 2019 21:12    Post subject: Reply with quote
eibgrad wrote:
Personally, I would leave things as they are. Many times the VPN provider suggests things that aren't really necessary, or even make sense in some cases. And sometimes things are not as they seem to appear.

Quote:
--client
A helper directive designed to simplify the configuration of OpenVPN's client mode. This directive is equivalent to:

pull
tls-client


The above is a direct pull from the OpenVPN documentation (something I recommend everyone should read to better understand what all these directives actually do). In the case of the client directive, that's just a help directive that results in the generation of the pull and tls-client directives. So the fact you don't see "pull" and "tls-client" in the router's config file, but instead "client", doesn't mean you need to add "pull" and/or "tls-client".

Or consider the remote-random directive. That's only relevant if you are specifying more than one remote directive in the config file. By default, the GUI only provides the ability to specify one remote (i.e., Server IP/Name). But you can add remote directives in Additional Config so the OpenVPN client has more server options than simply the one and only remote specified in the GUI.

Once you do, the remote-random directive makes sense; it scrambles the list of servers for load balancing purposes. Personally, I prefer to NOT use this directive and use the default; sequentially run through the servers as specified in the config file.

I'm not going to run through all the rest of the directives, but as I said, you can research these yourself using the OpenVPN documentation. It will take some time and effort, but it's well worth it to understand how OpenVPN actually works.

https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage


Thank you for your help and the resources, I promise I will read that whole OpenVPN man page soon.

If I wanted to add 5 different remote addresses and use the remote-random directive to switch between them, what lines could I safely add to the config?

Lastly, when I use the lsof command on the laptop I'm connecting with to see ports being used by certain applications, I get a strange output. I can see the domain name of my non-VPN router which connects to the ISP and internet. The output looks like this (I only included one line):

Code:
root@*****:~# lsof -i -P  | grep tor
tor 1542 debian-tor 10u IPv4 27732 0t0 TCP *****.gateway.*****.net:41540->janus.fsnet.io:9001 (ESTABLISHED)


Considering my DD-wrt router is plugged into the router whose name I am seeing here, how is it possible with your killswitch for my machine to derive the name of that router. The domain name is identical to the one displayed in DD-WRT under /Status_Router.asp, WAN Domain Name. Is DD-WRT serving my machine this information? Is this something to be worried about? If so, can I fix it?
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Sun May 26, 2019 21:22    Post subject: Reply with quote
The following is what I have in my Additional Config field.

Code:
server-poll-timeout 10
remote 91.227.222.7 5353 # United Kingdom, Cambridge
remote 91.227.222.7 5000 # United Kingdom, Cambridge
remote 69.175.85.2 5353 # United States, Chicago
remote 69.175.85.2 5000 # United States, Chicago
remote 78.46.254.48 5353 # Germany, Nuremberg
remote 78.46.254.48 5000 # Germany, Nuremberg
remote 217.147.94.149 5353 # United Kingdom, Maidenhead
remote 217.147.94.149 5000 # United Kingdom, Maidenhead
remote 178.63.171.106 5353 # Germany, Nuremberg
remote 178.63.171.106 5000 # Germany, Nuremberg
remote 178.32.250.32 5353 # United Kingdom, London
remote 178.32.250.32 5000 # United Kingdom, London
remote 173.212.205.240 5353 # Germany, Munich
remote 173.212.205.240 5000 # Germany, Munich
remote 195.154.232.143 5353 # France, Paris
remote 195.154.232.143 5000 # France, Paris
remote 51.38.95.51 5353 # United Kingdom, Gosport
remote 51.38.95.51 5000 # United Kingdom, Gosport
remote 51.38.95.36 5353 # United Kingdom, Portsmouth
remote 51.38.95.36 5000 # United Kingdom, Portsmouth
#remote 23.19.73.147 5353 # United States, Los Angeles
remote 23.19.73.147 5000 # United States, Los Angeles


I use a free OpenVPN called SecurityKISS for testing purposes. This represents all the free public servers they make available. The one commented out is the one I have specified in the Server IP/Name field of the OpenVPN client GUI.

I also use the server-poll-timeout directive to limit how long I'm willing to wait for any given server to respond. If you don't, it could be a very slow process, as it could take up to a minute before each failed attempt times out.

As far as the kill switch, notice the comment I added. It *only* prevents clients *behind* the router from gaining access to the WAN. Since the router is managing the OpenVPN client connection over the WAN, it obviously has to have access over the WAN. Not to mention the ability to manage the WAN w/ the ISP.

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Sun May 26, 2019 21:54    Post subject: Reply with quote
One other important detail about using multiple remote directives.

The remote directive takes three arguments, of which only the first is required (server ip or domain name). The other two, protocol and port, are optional. But it's important to realize that using multiple remote directives implies that all those servers use the same certs and keys! And that's not always the case. For example, NordVPN is notorious for using unique certs and keys w/ its servers, making it a bad match to the router. OTOH, PIA is known to use the same certs and keys among most of its servers. It's what makes PIA a good match for the router.

That's why it matters *which* OpenVPN provider you choose. Most ppl don't even consider this when evaluating one vs. the other. Most are totally fixated on the issue of performance.

Of course, if you specify a domain name in the Server/IP Name field of the OpenVPN client GUI, it often resolves to multiple public IPs, thus offering something similar to using multiple remote directives. Most VPN providers will round-robin the public IPs on a DNS query of their domain names.

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
FlashGordon649
DD-WRT Novice


Joined: 25 May 2019
Posts: 6

PostPosted: Sun May 26, 2019 22:12    Post subject: Reply with quote
eibgrad wrote:
As far as the kill switch, notice the comment I added. It *only* prevents clients *behind* the router from gaining access to the WAN. Since the router is managing the OpenVPN client connection over the WAN, it obviously has to have access over the WAN. Not to mention the ability to manage the WAN w/ the ISP.


I understand what you're saying, but since I ran the lsof command on my laptop OS and not on dd-wrt, how can it see the gateway domain name? It makes sense to me that dd-wrt has to manage the OpenVPN client connection over WAN, but shouldn't the laptop tunneling through without knowing the WAN domain name?

As for additional config, this is what I have now based on our conversation. It appears my provider does use the same certs for every server. Hurray:

Code:
remote-random
server-poll-timeout 10
remote ***.***.***.*** 4569
remote ***.***.***.*** 4569
remote ***.***.***.*** 4569
remote ***.***.***.*** 4569
remote ***.***.***.*** 4569
remote ***.***.***.*** 4569
remote ***.***.***.*** 4569
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Sun May 26, 2019 22:45    Post subject: Reply with quote
FlashGordon649 wrote:
I understand what you're saying, but since I ran the lsof command on my laptop OS and not on dd-wrt, how can it see the gateway domain name? It makes sense to me that dd-wrt has to manage the OpenVPN client connection over WAN, but shouldn't the laptop tunneling through without knowing the WAN domain name?


It all depends on how you configure the Services page.

You're always going to have a domain name, either from the WAN or the LAN. By default, the domain name is grabbed from the WAN (ISP), but if you specify LAN & WLAN in Used Domain, you're expected to provide your own in the box below it (e.g., local).

So it's not that the clients behind the router are somehow working their way over the WAN for this information. The DHCP server is providing this information to them, depending on how the Used Domain option is configured.

Obviously, in most cases, esp. when you're behind a NAT router w/ a private network, using your own domain makes more sense.

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
FlashGordon649
DD-WRT Novice


Joined: 25 May 2019
Posts: 6

PostPosted: Mon May 27, 2019 0:16    Post subject: Reply with quote
eibgrad wrote:
It all depends on how you configure the Services page.

You're always going to have a domain name, either from the WAN or the LAN. By default, the domain name is grabbed from the WAN (ISP), but if you specify LAN & WLAN in Used Domain, you're expected to provide your own in the box below it (e.g., local).

So it's not that the clients behind the router are somehow working their way over the WAN for this information. The DHCP server is providing this information to them, depending on how the Used Domain option is configured.

Obviously, in most cases, esp. when you're behind a NAT router w/ a private network, using your own domain makes more sense.


Thank you for all the tips. Wonderful to learn that the domain name is just passed down by dd-wrt. I think I have everything the way I want it now.

I used the domain name field in General Setup to make my laptop see what I wrote instead. It worked.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum