Access Restrictions - Not Working Well

Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware
Author Message
CR_Apollo
DD-WRT User


Joined: 25 Dec 2020
Posts: 90
Location: Toronto - Canada

PostPosted: Fri Jun 09, 2023 22:49    Post subject: Access Restrictions - Not Working Well Reply with quote
R7800 on r52869

Need to hit apply every day at least once or twice to restore clients configured to have access restrictions at certain times of the night. Issue showed up some time ago, maybe around r51XXX, but progressively got worse around r52306. I rebuilt all my configurations on r52369 and it seemed somewhat okay, with the odd apply needed occasionally, but now really bad and I have even changed the CFG to try and reset the Access Restrictions for the one it's been most prominent on.

Is there a script I can use to run at the end of every rule to force the firewall reset, without needing to have a reboot where other clients are impacted?

iptables reset?

EDIT:
Is it possible that my iptables allow rule might be causing this? Now that I think about it, I believe I added this command right around the time I experienced the odd case, and since the GUI changed for commands, I believe this is where it got even worse.

iptables -I FORWARD -i wl1 -o br0 -d 10.X.X.10 -m state --state NEW -j ACCEPT
Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Sat Jun 10, 2023 5:00    Post subject: Reply with quote
depends from router model (on R7800 those will work) you can run directly time based iptables rules in the firewall to limit clients access..

or use IPset rules instead...have a look at the IPset guide... https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327261

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
CR_Apollo
DD-WRT User


Joined: 25 Dec 2020
Posts: 90
Location: Toronto - Canada

PostPosted: Sun Jun 11, 2023 15:38    Post subject: Reply with quote
Alozaros wrote:
depends from router model (on R7800 those will work) you can run directly time based iptables rules in the firewall to limit clients access..

or use IPset rules instead...have a look at the IPset guide... https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327261


Thanks for the link. I'll start by removing the commands for the firewall exceptions to see if the two are conflicting to cause the issues. If so, I'll take some time to create each rule manually for the IPSET files.

Thanks again!
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum