x86 Firewall

Post new topic   Reply to topic    DD-WRT Forum Index -> X86 based Hardware
View previous topic :: View next topic  
Author Message
lexridge
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 1080
Location: WV, USA
PostPosted: Thu Oct 18, 2007 1:51    Post subject: x86 Firewall Reply with quote
Is the any way via the GUI of x86 DD-WRT to configure the port forwards to allow only a specific IP?

I could probably do this with IPTables from a ssh shell, but what is the best method to save those changes so they survive a reboot?

EDIT:
BrainSlayer, apparently this isn't in the web GUI, but it would be fairly simple to add another field to each added "Port Forward", and give the choice of either "anywhere" or user IP with subnetting...ie xxx.xxx.xxx.0/24 or just xxx.xxx.xxx.x. This would add some nice user security that anyone could easily use.

What do ya think?
END EDIT

thx,
Back to top View user's profile Send private message
Sponsor
rkloost
DD-WRT Guru


Joined: 11 Jul 2006
Posts: 1247
Location: Nijmegen, The Netherlands
PostPosted: Sun Oct 28, 2007 21:47    Post subject: Reply with quote
Enable a generic portforward...

check the iptables...

grab what you need...

Build a custom firewall script...

remove the generic portforward...

activate your script and test...
_________________
Firmware: DD-WRT v24 SP1 std
2xWRT54GLv1.1
2xWRT54GSv1.0
1xWRT54Gv2

In need of WRT54GS <= v3 EU/UK for firmware-debugging purposes. Buffalo's are welcome too! PM me if you have a spare one.
Back to top View user's profile Send private message
lexridge
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 1080
Location: WV, USA
PostPosted: Thu Nov 01, 2007 4:26    Post subject: Reply with quote
rkloost wrote:
Enable a generic portforward...


How does one enable a generic portforward? Just enable one without parms?

rkloost wrote:
check the iptables...


I'd assume you mean #iptables -L

rkloost wrote:
Build a custom firewall script...


Does this mean adding ALL the portforward entries, or not?

rkloost wrote:
remove the generic portforward...


What about the others?


Thanks for the info. I have been experimenting, but look forward to your reply.

Lexridge
Back to top View user's profile Send private message
rkloost
DD-WRT Guru


Joined: 11 Jul 2006
Posts: 1247
Location: Nijmegen, The Netherlands
PostPosted: Thu Nov 01, 2007 6:39    Post subject: Reply with quote
What I would do:

Factory defaults...

Show all IP-tables rules in place.

Generate an portforward on by example port 54321.

Show all IP-tables rules in place
(should be a difference ;)

Note the diffs...

Build a custom script... that inserts/removes these lines...

disable portforward in the GUI...

etc etc
_________________
Firmware: DD-WRT v24 SP1 std
2xWRT54GLv1.1
2xWRT54GSv1.0
1xWRT54Gv2

In need of WRT54GS <= v3 EU/UK for firmware-debugging purposes. Buffalo's are welcome too! PM me if you have a spare one.
Back to top View user's profile Send private message
lexridge
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 1080
Location: WV, USA
PostPosted: Thu Nov 01, 2007 21:22    Post subject: Reply with quote
Sounds simple enough. I'll give it a shot.

Thanks for the help.
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> X86 based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum