Hello gurus
I have a question for you.
My setup has a "official" wifi network (mine..) and a guest wifi (with a less secure password)
All is working as expected.
But i also have a couple of wifi surveillance cameras that NOW are connected to official wifi.
Can i connect them to guest wifi and access them from official wifi?
Second: can i setup port forwarding on guest network?
Third: can i setup dhcp reservation on guest network?
I'm a little scared about "try and see" since cameras are not so easy to reach and i would prefer not to stay closed outside them
Is there anyway to get Opendns work with privoxy:
smt like :
iptables -t nat -I PREROUTING -i ath0.1 -p udp --dport 53 -j DNAT --to 208.67.220.220
iptables -t nat -I PREROUTING -i ath0.1 -p tcp --dport 53 -j DNAT --to 208.67.220.220
and also i want to route all traffic to port 80 to 8118 privoxy ?
Looks like it will conflict together:
if i apply this :
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8118
Joined: 24 Feb 2013 Posts: 1634 Location: Belgrade
Posted: Sun May 24, 2015 11:50 Post subject:
What is the point to use OpenDNS when you have privoxy, make no sense to me... Anyway your question (iptables stuff) is for Advanced routing ddwrt forum section...
What is the point to use OpenDNS when you have privoxy, make no sense to me... Anyway your question (iptables stuff) is for Advanced routing ddwrt forum section...
I want to use OpenDNS for content filtering eg block porn website ... but I also want to block ads. Like i can use OpenDns and pixelserv to both content filtering and blocks ads from the websites in Tomato. It works great with Tomato.
Now I want to have something like that with dd-wrt ...But so far I see that adblock - transparent and custom works with OpenDNS but the statistics show me really low rate to be blocked - ads:
Blocking Statistics:
295 out of 3151 requests have been blocked, which equals a block rate of 9.36%.
Or I missed some configures ?
Joined: 03 Jan 2010 Posts: 7568 Location: YWG, Canada
Posted: Tue Jun 16, 2015 3:55 Post subject:
this is available with the next build as of this post, the build after r27240 which is due any time now. dont try on r27240 as its got broken qos, earlier builds have rule creation/matching issues.
to use qos on BRIDGED interfaces, u must set "port" to LAN & WLAN, all other functions of qos setup will work the same way as with "WAN" setting, just potentially slightly more cpu usage.
with interface limiting both bridged & unbridged, offers ability to rate or priority limit services or ports/port ranges. this can be exceptionally useful to control bandwidth hogs, regulate hotspots, etc. with an interface limit, a user can change their ip address & mac address as much as they want trying to get around qos, abusive users cant bypass ur rules without switching off the interface.
so unbridged + net isolation + ap isolation + forced dns redirection + interface qos =
example such as:
vlan1 512/512 0 ssl manual
^this means all traffic on vlan1 interface (lan ports for some routers, others use eth) is not limited or shaped & goes "up to" global limits, except ssl traffic, being limited to 512kbps both up & down (64KB/s). multiple entries are possible exampled below.
^with this, the same applies to what i said above, just for the ath0 wireless interface & only the listed services are rate limited. u can also do priority limits, but rate limiting & prioritizing the same service is not supported, one or the other. _________________ LATEST FIRMWARE(S)
BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers
Hi, I am having difficulty in getting the guest wifi to work properly, and have been for many months now. I've tried a number of different methods and tutorials here and elsewhere with no success. The closest I've come is with this thread, but as soon as I enable multiple DHCP servers I lose connectivity for the network. (The router lists an IP etc from my provider, but wired and wireless devices cannot resolve addresses.) I suspect that I'm doing something wrong with DHCPD setup but I have not found a clear guide to set it up. Any advice would be appreciated.
Joined: 03 Jan 2010 Posts: 7568 Location: YWG, Canada
Posted: Thu Jul 02, 2015 0:53 Post subject:
u didnt provide any config settings..vap settings? which radio is doing it 2.4ghz or 5ghz? multiple dhcpd setting? which interface did u enable it for?
u arent on the latest build u should be before reporting problems.. _________________ LATEST FIRMWARE(S)
BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers
u didnt provide any config settings..vap settings? which radio is doing it 2.4ghz or 5ghz? multiple dhcpd setting? which interface did u enable it for?
u arent on the latest build u should be before reporting problems..
Hi, thanks, sorry and I will provide details - I wasn't certain what would be needed. (As for the latest build, this has been an issue for months and months, across multiple builds.)
I followed the instructions in this thread so the VAP and multiple DHCPD settings are as listed there. This is on the 2.4 GHz radio. After some more testing, it seems that the system fails when I enable "Use DNSMasq for DHCP" on the main Setup page. After enabling that, my wireless device connects but does not receive an address.
Hi, I am having difficulty in getting the guest wifi to work properly, and have been for many months now. I've tried a number of different methods and tutorials here and elsewhere with no success. The closest I've come is with this thread, but as soon as I enable multiple DHCP servers I lose connectivity for the network. (The router lists an IP etc from my provider, but wired and wireless devices cannot resolve addresses.) I suspect that I'm doing something wrong with DHCPD setup but I have not found a clear guide to set it up. Any advice would be appreciated.
Details:
- TP-Link Archer C7 v2
- DD-WRT r27413
I'm also having this issue, but I'll try to update to latest build before reporting with more details.
@Mile-Lile
Super howto, thanks! It working just fine for me.
But the GuestWIFI net had still IP-Connection to my "main" Network. (Ping is possible to the Hosts...)
So I added this firewall rules:
Code:
iptables -I FORWARD -i br0 -o ath0.1 -m state --state NEW -j DROP
iptables -I INPUT -i ath0.1 -m state --state NEW -j DROP
iptables -I FORWARD -i ath0.1 -d `nvram get lan_ipaddr`/`nvram get lan_netmask` -m state --state NEW -j DROP
But the "Access Restrictions" seems to be not working at all.
I tried to "Website Blocking by URL Address and "Website Blocking by Keyword", but they seems to have no effect at all.
For example: the blocked "yahoo.com" is still from a "Guest" accessible...
greetings
peppo
PS:
I am using a TP-LINK Archer C7 (AC1750), with the newest beta (D-WRT v3.0-r27506 (07/09/15))