Posted: Sun Aug 25, 2019 16:50 Post subject: Guest wifi with local web access only
I have the following:
Router Model: Linksys WRT1900ACS
Firmware Version: DD-WRT v3.0-r40559 std (08/06/19)
Kernel Version: Linux 4.9.187 #1207 SMP Tue Aug 6 05:17:29 CEST 2019 armv7l
I have set up a guest WLAN with its own HTTP range (192.168.2.x). This works fine
I have set up a small website in the router using lighttpd. This also works fine.
At the moment, the guest WLAN has full WAN access, but I wish to prevent this, allowing it access only to the router website (though it will need DNS access as the router website name requires a lookup).
As a starting point, I tried using Access Restrictions to block interface ath1.1 from WAN access, but this seems to have no effect at all.
I suspect I will need some custom iptables commands, but am very much a newbie in this area. Any suggestions, please?
Posted: Sun Sep 08, 2019 12:37 Post subject: iptables
Many thanks for the replies here. I now have something that works, but there is a new problem (in a new post) whereby the commands are vanishing all by themselves!
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321208
Joined: 04 Aug 2018 Posts: 1444 Location: Appalachian mountains, USA
Posted: Sun Sep 08, 2019 14:11 Post subject:
student13 wrote:
$(nvram get wan_iface) versus `get_wanface`
What's the difference ? I know that `get_wanface` works on a linksys Wrt1900ac, because I have used this exact piece of
of code ?
I had exactly the same question a couple of months ago and finally did the googling. Turns out that in the bash world (and our router shell is modeled on bash) the ` ` version is the old way and $( ) is the new way, and though they are both supported and have the same functionality, the $( ) way is now considered best practice. I think the change to the new notation was made because visually it can be tricky in some fonts to spot that ` ` is not ' ', and the function is so different that this can be a problem when reading code. _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.