Posted: Sat May 20, 2023 18:21 Post subject: Help with a security issue/solution.
I am getting a lot of hacking attempts coming into my dd-wrt router. I have a list of IP addresses that I would like to allow to connect and would like to reject any incoming TCP connections or incoming UDP packets that have public IP addresses that are not in my list. I still need to be able to send UDP packets or do outbound TCP connections to any public address. The closest thing I have been able to find is the IPTABLE commands but cannot find any detailed explanation of how to use it (the IPTABLE scripts have too many buzzwords that I don't understand). Is there a way to do what I'm looking for? If so, how should I go about it?
Summarize: Reject any incoming TCP connection whose source address is not in my list. Discard any incoming UDP packet that is not in my list. Allow any outbound TCP connection to any address. Allow any outbound UDP packet to any address. It would also help to optionally log any rejections but it's not a requirement.
I am willing to help a dd-wrt expert with documentation to explain some of the terminology being used so others can use it more easily.
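The policy summarized in the post above, as an added example that is not part of the thread or of DD-WRT itself: a shell function that prints the iptables commands for a WAN source allowlist so they can be read before being applied. The chain name `WAN_ALLOW`, the interface name `vlan2` and the addresses are assumptions and constructed samples.

```shell
#!/bin/sh
# Added example: print iptables commands for a WAN source allowlist.
# WAN_ALLOW is a hypothetical chain name; the addresses are constructed samples.

# Usage: build_rules WAN_IF LOG(0|1) SRC...
build_rules() {
    wan_if="$1"; log="$2"; shift 2
    chain="WAN_ALLOW"

    # Fresh chain (flush it if it is left over from an earlier run).
    echo "iptables -N $chain 2>/dev/null || iptables -F $chain"

    # Allowlisted sources RETURN to the stock rules, which still decide
    # what is actually reachable (port forwards, remote management).
    for src in "$@"; do
        case "$src" in
            # Crude IPv4/CIDR character check; anything else is skipped.
            ''|*[!0-9./]*) echo "skipping invalid entry: $src" >&2; continue ;;
        esac
        echo "iptables -A $chain -s $src -j RETURN"
    done

    # Optional, rate-limited logging of everything about to be refused.
    if [ "$log" = "1" ]; then
        echo "iptables -A $chain -m limit --limit 6/min -j LOG --log-prefix \"WAN_ALLOW refused: \""
    fi

    # Everyone else: TCP is rejected with a reset, UDP is silently discarded.
    echo "iptables -A $chain -p tcp -j REJECT --reject-with tcp-reset"
    echo "iptables -A $chain -p udp -j DROP"

    # Only unsolicited (NEW) TCP/UDP arriving on the WAN is sent to the chain,
    # so replies to outbound connections and packets are not affected.
    for hook in INPUT FORWARD; do
        for proto in tcp udp; do
            echo "iptables -I $hook 1 -i $wan_if -p $proto -m state --state NEW -j $chain"
        done
    done
}

# Constructed sample: review the output before applying it on the router.
build_rules "vlan2" 1 "203.0.113.10" "198.51.100.0/24"
```

On DD-WRT the reviewed output would go in the firewall script (Administration > Commands > Save Firewall), with the WAN interface name replaced by the router's own.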
Anything targeting your WAN would be a result of one of your LAN clients navigating where it probably shouldn't. By default, outside of enabling the limit telnet, ssh, etc. in the firewall settings, there is little to no attack surface as sir @egc has already stated.
_________________
"The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio