Ok, so the first two rules allow all protocols from two sites 194.231.229.20 and 212.65.2.116. Why are these rules here? They appear to open up your firewall to anyone at those addresses.
Joined: 06 Jun 2006 Posts: 7528 Location: Dresden, Germany
Posted: Thu Jul 31, 2008 23:20 Post subject:
Even I see no reason for this. These IP addresses aren't valid anymore. It seems that Chris implemented this for a customer. I removed it now.
_________________ "So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
Just wanted to clarify to others that despite the thread title, these entries are not confined to the mega build. They're in my SP1 VPN build as well (10011).
Even if they are harmless, is there a way I can remove them short of flashing new firmware?
Joined: 04 Jan 2007 Posts: 11564 Location: Wherever the wind blows- North America
Posted: Fri Aug 01, 2008 0:20 Post subject:
nemesisdb wrote:
Just wanted to clarify to others that despite the thread title, these entries are not confined to the mega build. They're in my SP1 VPN build as well (10011).
Even if they are harmless, is there a way I can remove them short of flashing new firmware?
I checked my 10061 mini_generic build earlier...they are NOT in this build.
I don't know if this is stored in a variable someplace...without it installed on mine...I can't find it...try a telnet session and grep the nvram for those addresses....it might be possible to do an "nvram unset" from there.
[EDIT] - I just did a remote login and checked my home router...it is not in the 10011 - std build either.
redhawk _________________ The only stupid question....is the unasked one.
Posted: Fri Aug 01, 2008 11:39 Post subject: Temporary Solution
I confirmed this on the latest VPN build, so to take care of it for myself I built this as a temporary fix until the corrections make their way into the current builds:
1) Go to the "Administration" tab and in the Cron section make sure Cron is enabled and paste the following into the Additional cron jobs:
Code:
30,59 * * * * root /tmp/custom.sh
2) Find the "Commands" sub-tab up top and paste the following script into the Command Shell box:
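Code:
# LINE2 must hold the number of the INPUT rule for 212.65.2.116. The line that
# set it is missing from the post as shown here; this lookup is an assumption.
LINE2=$(iptables -L INPUT -n --line-numbers | awk '$5 == "212.65.2.116" { print $1; exit }')
if [ -z "$LINE2" ]
then
  echo Errant 212.65.2.116 rule not found.
else
  # Delete the rule by its position in the INPUT chain.
  iptables -D INPUT $LINE2
  echo Errant 212.65.2.116 rule removed.
fi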
Now just hit the "Save Custom Script" button.
Every 30 minutes your router will check to see if the bad rules are there and remove them.
You may wonder why I use a cron job instead of the startup or, more appropriately, the firewall script option.
Well, it seems that the startup script runs before the firewall is initiated. And the firewall script will run before the system adds these bad rules in.
Every time the firewall restarts or, of course, whenever the router reboots, the rules will pop back up, though neither should happen very often.
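An added example, not part of the post above or of the firmware: a dry-run audit that finds INPUT rules accepting traffic from the two addresses named in this thread and prints the delete commands highest rule number first, so that removing one rule does not renumber the next. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Source addresses named in the thread.
SUSPECT_SOURCES="194.231.229.20 212.65.2.116"

# Constructed sample of `iptables -L INPUT -n --line-numbers` output.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  194.231.229.20       0.0.0.0/0
2    ACCEPT     all  --  212.65.2.116         0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0    state RELATED,ESTABLISHED
4    ACCEPT     tcp  --  192.168.1.0/24       212.65.2.116 tcp dpt:443
5    DROP       all  --  0.0.0.0/0            0.0.0.0/0
EOF
}

# Reads a listing on stdin and prints the numbers of ACCEPT rules whose
# source column equals one of the suspect addresses, highest number first.
# Matching the source field exactly avoids hits on the destination column
# (rule 4 above), which a plain grep for the address would also return.
find_suspect_rules() {
    awk -v srcs="$SUSPECT_SOURCES" '
        BEGIN { n = split(srcs, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        # Columns: num target prot opt source destination
        $1 ~ /^[0-9]+$/ && $2 == "ACCEPT" && ($5 in want) { print $1 }
    ' | sort -rn | tr '\n' ' ' | sed 's/ $//'
}

# Dry run: prints one delete command per matching rule instead of running it.
plan_removal() {
    for num in $(find_suspect_rules); do
        echo "iptables -D INPUT $num"
    done
}

# Stand-alone demonstration on the constructed listing.
sample_listing | plan_removal
```

On a router, pipe the live output of `iptables -L INPUT -n --line-numbers` into `plan_removal` and review the printed commands before running them.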
Joined: 06 Jun 2006 Posts: 7528 Location: Dresden, Germany
Posted: Fri Aug 01, 2008 12:49 Post subject:
It's easier.
Do the following:
nvram unset ral
nvram commit
On next reboot these values are gone (until you reset the config).