Exclude one IP from SPI

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50
PostPosted: Fri Jun 19, 2020 16:16    Post subject: Exclude one IP from SPI Reply with quote
Hi all, I want to map an usb host from my Netgear r67000v3 in a 192.168.X.X subnet into a PC into an other subnet 172.16.X.X, where ISP modem is.
I can access to my DD_WRT router if I disable Firewall SPI, but you know a way to keep it and enable access to my PC in another subnet ?
Back to top View user's profile Send private message
Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6435
Location: UK, London, just across the river..
PostPosted: Fri Jun 19, 2020 18:12    Post subject: Reply with quote
https://forum.dd-wrt.com/wiki/index.php/Iptables_command

have a look here...
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55779 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Back to top View user's profile Send private message
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50
PostPosted: Sat Jun 20, 2020 16:14    Post subject: Exclude one IP from SPI Reply with quote
I solved it with this:

Quote:
iptables -I INPUT -i vlan2 -p tcp --dport www -j ACCEPT
iptables -I INPUT -i vlan2 -p tcp --dport https -j ACCEPT
iptables -I INPUT -i vlan2 -p tcp --dport http -j ACCEPT



Thanks mate!
Wink

in the meantime I'm still stuck in the p2p configuration ...
I used this rules for eMule:
Quote:
iptables -I FORWARD -p tcp -d 192.168.1.3 --dport 4660 -j DROP
iptables -I FORWARD -p tcp --dport 4660 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -p udp -d 192.168.1.3 --dport 4760 -j DROP
iptables -I FORWARD -p udp --dport 4760 -m state --state RELATED,ESTABLISHED -j ACCEPT


But connectione failed, with a low-id.
If I set uPnp doesn't work too
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum