CR_Apollo DD-WRT User
Joined: 25 Dec 2020 Posts: 90 Location: Toronto - Canada
|
Posted: Fri Jun 09, 2023 22:49 Post subject: Access Restrictions - Not Working Well |
|
R7800 on r52869
Need to hit apply every day at least once or twice to restore clients configured to have access restrictions at certain times of the night. Issue showed up some time ago, maybe around r51XXX, but progressively got worse around r52306. I rebuilt all my configurations on r52369 and it seemed somewhat okay, with the odd apply needed occasionally, but now really bad and I have even changed the CFG to try and reset the Access Restrictions for the one it's been most prominent on.
Is there a script I can use to run at the end of every rule to force the firewall reset, without needing to have a reboot where other clients are impacted?
iptables reset?
EDIT:
Is it possible that my iptables allow rule might be causing this? Now that I think about it, I believe I added this command right around the time I experienced the odd case, and since the GUI changed for commands, I believe this is where it got even worse.
iptables -I FORWARD -i wl1 -o br0 -d 10.X.X.10 -m state --state NEW -j ACCEPT |
|
Alozaros DD-WRT Guru
Joined: 16 Nov 2015 Posts: 6411 Location: UK, London, just across the river..
|
Posted: Sat Jun 10, 2023 5:00 Post subject: |
|
depends from router model (on R7800 those will work) you can run directly time based iptables rules in the firewall to limit clients access..
or use IPset rules instead...have a look at the IPset guide... https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327261 _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913 |
|