it connects from different services to aws on port 8884 and plus i can't block llmnr ? i just wanted to know if there is a way to control the connection wich are going out of my desktop.
I did specify the protocol but it's not working at moment, as you wrote before the connection has been initiated from the lan so how can i block it? it seems that ip tables are not working
Notthing is working. I've tried almost everything but still i can't block any kind of connection from the router. This is kinda sad anyway.
For every port i try to block on every table i've got i still can log from my desktop connections going trough those ports. Doesn't matter wich table i try.
I guess i'm doing something wrong. Or just the build is bugged.
Are you blocking on the forwarding? (ie from your computer through the router to the internet)
Are you doing these rules BEFORE any of the related/established rules?
If you are talking connections directly too the router that is INPUT chain.
A couple of people have mentioned these things but not really explicitly.
I seriously doubt iptables is broken, I think that there is just a misunderstanding somewhere
The other thing is could we see the iptables command and an iptables -vL (before and after your change). This helps us verify and understand incase there is something small.
Hi guys and thank you for your kindness and patient on answering me, i tried those tables on every chain i've got.
May it be the vpn is the reason why i can't control them?
My point is , if i want no ICMP for example and i set a rule for that i expect that i won't see any ICMP packet on my network. This is just an example but i still see them even after the rule.
As i said before i'm 100% wrong, so i will just reset my ip tables and restart from 0.
Any usefull advice about resetting the tables?
I won't post them because they are a shame due to the thousand try i have done.
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Tue Dec 10, 2019 19:27 Post subject:
Uh, are you telling us that you didn't delete the rules that didn't work as you went along?
Easiest way is to reset the router to defaults BUT, you can list each table with rule numbers and then delete the rule number of the offending rules as well. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Joined: 16 Nov 2015 Posts: 6447 Location: UK, London, just across the river..
Posted: Wed Dec 11, 2019 8:16 Post subject:
multiport command is not present in all routers even thou it has very limited use and works just for few ports only..
p.s. i can confirm iptables work with single rule per port..block
If you need multiport, you may try to call multiport module in start up script if it helps... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Last edited by Alozaros on Wed Dec 11, 2019 17:45; edited 1 time in total
BUT, you can list each table with rule numbers and then delete the rule number of the offending rules as well. 