Joined: 18 Mar 2014 Posts: 12877 Location: Netherlands
Posted: Tue Nov 12, 2019 10:43 Post subject:
This is not specific to Atheros based routers so you are posting in the wrong forum (see some pointers for using the forum below).
No problem, of course we are trying to help you anyway but posting in the right forum will get you better answers
But yes you can run a script which is located on a USB stick.
For firewall rules run this script from Administration/Commands and Save Firewall, start the script with
Code:
sleep 30
to allow the USB stick to come up.
Of course make the script executable and start with:
Code:
sh /jffs/myscript.sh &
Here is an excerpt of the forum rules, the rules are there so that we can help you better and we can all profit from it:
1. Research your router, start with the supported devices wiki:
https://wiki.dd-wrt.com/wiki/index.php/Supported_Devices .
2. In the supported devices wiki you can see if your router is supported and what architecture your router has and if you are lucky also an install guide/wiki.
3. Post in the right forum, from the former step you can see if your router is Broadcom, Qualcomm/Atheros, Marvell or other, use that forum to post router specific questions, for networking questions post in the Advanced Networking forum and for other things in the General Questions forum.
4. When posting always state router model, build number and when applicable the Kernel version.
Describe your problem and how you think it can be solved.
Give as much detail as you can also provide your network setup if applicable.
For your Network setup, state what wiki you have used: https://wiki.dd-wrt.com/wiki/index.php/Linking_Routers
5. When posting pictures make sure the maximum width is not more than 600 pixels.
6. Do not hijack a thread, meaning do not post your own problem in someone else's thread. Just start your own thread.
7. If your post is answered and your problem solved, mark your thread with [SOLVED] (the header of your first post).
8. Do NOT use the router database, builds can be found at:
https://dd-wrt.com/support/other-downloads/?path=betas%2F2019%2F
All builds are beta including those from the router database.
9. Before uploading a new build to your router, research the build by looking in the build threads.
This is an example of a build thread for build 41328 for Broadcom routers:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321699&highlight=41328
Search build threads with the search function and search on build number.
10. Use the build threads from the former step to report success or problems.
11. For older Broadcom routers (Linksys WRT54 and E series) read the peacock thread although some of it is outdated: https://forum.ddwrt.com/phpBB2/viewtopic.php?t=51486&sid=05c269e8bc745f300278d04f3b742a98
Builds can be found in the Broadcom directory for Linux kernel 2.4, in Broadcom_K26 for Linux K2.6 and in Broadcom_K3X for Linux K3.X.
12. If you are sure you have discovered a bug, after asking and querying the forum, you can report a real bug in the bug tracker: https://svn.dd-wrt.com/
This is also the place where the commits/changes to the source are administrated.
13. Recommended reading:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=54845 https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=54959
14. If you are happy with DDWRT and want it to live on then donate:
https://dd-wrt.com/donations/ _________________ Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399 Install guide R7800/XR500:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614 Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Joined: 18 Mar 2014 Posts: 12877 Location: Netherlands
Posted: Tue Nov 12, 2019 11:38 Post subject: Re: thanks
Sanch3z wrote:
Should I move the post to the section of Advanced Networking in this forum ?
I found this solution
How Do I Block Large Number Of IP Address with shell script:
Code:
#!/bin/bash
_input="/root/blocked.ip.db"
IPT=/sbin/iptables
$IPT -N droplist
egrep -v "^#|^$" x | while IFS= read -r ip
do
$IPT -A droplist -i eth1 -s $ip -j LOG --log-prefix "IP BlockList "
$IPT -A droplist -i eth1 -s $ip -j DROP
done < "$_input"
# Drop it
$IPT -I INPUT -j droplist
$IPT -I OUTPUT -j droplist
$IPT -I FORWARD -j droplist
I need only block/drop large number Of IP Address from wan access (spam bots, brute-force, port scanners)
You can not move it yourself and it is not necessary.
You can call your script like I outlined in my previous post.
It will not work though as the iptables can be found at /usr/sbin/iptables
You also have to change the path of the file with the addresses you want to block pointing to your USB (/jffs/ )
I know some users do these kind of things to "harden" the firewall.
But if the firewall is installed correctly those addresses are blocked anyway and I assume you do not have remote administration enabled because that is one thing you should never do in my opinion
If it is to block/protect your users from malicious websites then it is fine.
But in that case just use it on the FORWARD chain.
But a better option might be to use OpenDNS or a DNSMasq based solution.
But of course it is up to you to choose what you like
The process you are explaining is really good to see. I want to say sometimes I face epson error code 0xf1 while I am doing this process. So, if anyone know how to solve it out then let me know.
Joined: 18 Mar 2014 Posts: 12877 Location: Netherlands
Posted: Fri Nov 15, 2019 7:54 Post subject:
larypage58 wrote:
The process you are explaining is really good to see. I want to say sometimes I face epson error code 0xf1 while I am doing this process. So, if anyone know how to solve it out then let me know.
Please take note of point six to begin with
Below some pointers which might help to get the best out of DDWRT and out of the forum:
1. Research your router, start with the supported devices wiki:
https://wiki.dd-wrt.com/wiki/index.php/Supported_Devices .
2. In the supported devices wiki you can see if your router is supported and what architecture your router has and if you are lucky also an install guide/wiki.
3. Post in the right forum, from the former step you can see if your router is Broadcom, Qualcomm/Atheros, Marvell or other, use that forum to post router specific questions, for networking questions post in the Advanced Networking forum and for other things in the General Questions forum.
4. When posting always state router model, build number and when applicable the Kernel version.
Describe your problem and how you think it can be solved.
Give as much detail as you can also provide your network setup if applicable.
For your Network setup, state what wiki you have used: https://wiki.dd-wrt.com/wiki/index.php/Linking_Routers
5. When posting pictures make sure the maximum width is not more than 600 pixels.
6. Do not hijack a thread, meaning do not post your own problem in someone else's thread. Just start your own thread.
7. If your post is answered and your problem solved, mark your thread with [SOLVED] (the header of your first post).
8. Do NOT use the router database, builds can be found at:
https://dd-wrt.com/support/other-downloads/?path=betas%2F2019%2F
All builds are beta including those from the router database.
9. Before uploading a new build to your router, research the build by looking in the build threads.
This is an example of a build thread for build 41328 for Broadcom routers:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321699&highlight=41328
Search build threads with the search function and search on build number.
10. Use the build threads from the former step to report success or problems.
11. For older Broadcom routers (Linksys WRT54 and E series) read the peacock thread although some of it is outdated: https://forum.ddwrt.com/phpBB2/viewtopic.php?t=51486&sid=05c269e8bc745f300278d04f3b742a98
Builds can be found in the Broadcom directory for Linux kernel 2.4, in Broadcom_K26 for Linux K2.6 and in Broadcom_K3X for Linux K3.X.
12. If you are sure you have discovered a bug, after asking and querying the forum, you can report a real bug in the bug tracker: https://svn.dd-wrt.com/
This is also the place where the commits/changes to the source are administrated.
13. Recommended reading:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=54845 https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=54959
14. If you are happy with DDWRT and want it to live on then donate:
https://dd-wrt.com/donations/ _________________ Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399 Install guide R7800/XR500:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614 Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
