Fi011 DD-WRT Novice
Joined: 19 Jun 2017 Posts: 1
Posted: Fri Jun 23, 2017 9:14 Post subject: DD WRT Enabling SSH and Web Gui for one public IP.
Hi all,
I'm having some issues with iptables not working properly. I just want to create a simple rule for SSH:
iptables -A INPUT -p tcp -s 95.181.21.42 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -s 95.181.21.42 --dport 22 -j ACCEPT
Then I ran the commands and saved them to the firewall. This is not my IP address, so with this setup I shouldn't be able to SSH into the router; only 95.181.21.42 should be able to SSH. But I can still SSH in with no problems. The same goes for Web GUI management.
But if I go to SSH and check the rules, I can see the rules applied. It looks like they are OK.
root@KDC_Baki:~# iptables -vnL INPUT --line-numbers
Chain INPUT (policy ACCEPT 232 packets, 22177 bytes)
num pkts bytes target prot opt in out source destination
1 1 40 logdrop tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23
2 0 0 ACCEPT tcp -- * * 95.181.21.42 0.0.0.0/0 tcp dpt:22
3 0 0 ACCEPT tcp -- * * 95.181.21.42 0.0.0.0/0 tcp dpt:22
root@KDC_Baki:~#
But I can still SSH into the router from my IP address with no issues. Any insights?
Also, what is the default logdrop 0.0.0.0 0.0.0.0 rule? Do I need to change it or delete it? I tried, but it had no effect.
Any help would be greatly appreciated.
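Added example, not part of the original post: a small first-match walk over the listing shown above. The chain policy is ACCEPT and the chain holds only ACCEPT rules for port 22, so a packet from any other source falls through to the policy. The `verdict` and `with_drop` helpers, the address 203.0.113.7 and the rule 4 line are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: first-match walk over an `iptables -vnL <chain> --line-numbers` listing.
# Assumptions: tcp rules only, source is one host or 0.0.0.0/0, and the only
# match extension is "tcp dpt:N". Custom targets (logdrop) are reported by name.

# verdict SRC_IP DPORT IN_IFACE  (listing on stdin) -> prints the deciding target
verdict() {
    awk -v src="$1" -v dport="$2" -v iface="$3" '
        # Header line carries the chain policy: "Chain INPUT (policy ACCEPT ..."
        $1 == "Chain" { policy = $4; next }
        # Rule lines start with the rule number
        $1 ~ /^[0-9]+$/ {
            # columns: num pkts bytes target prot opt in out source destination ...
            target = $4; prot = $5; in_if = $7; source = $9
            port = ""
            for (i = 11; i <= NF; i++)
                if ($i ~ /^dpt:/) port = substr($i, 5)
            if (prot != "tcp" && prot != "all") next
            if (in_if != "*" && in_if != iface) next
            if (source != "0.0.0.0/0" && source != src) next
            if (port != "" && port != dport) next
            print target " (rule " $1 ")"; found = 1; exit
        }
        # No rule matched: the chain policy decides
        END { if (!found) print policy " (chain policy)" }
    '
}

# Listing copied from the post above
posted_rules() { cat <<'EOF'
Chain INPUT (policy ACCEPT 232 packets, 22177 bytes)
num pkts bytes target prot opt in out source destination
1 1 40 logdrop tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23
2 0 0 ACCEPT tcp -- * * 95.181.21.42 0.0.0.0/0 tcp dpt:22
3 0 0 ACCEPT tcp -- * * 95.181.21.42 0.0.0.0/0 tcp dpt:22
EOF
}

# Same listing plus a constructed rule 4: a catch-all DROP for tcp/22 placed
# after the allow rules
with_drop() {
    posted_rules
    echo "4 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22"
}

# 203.0.113.7 is a documentation address standing in for any other client
posted_rules | verdict 203.0.113.7 22 vlan2   # ACCEPT (chain policy)
posted_rules | verdict 95.181.21.42 22 vlan2  # ACCEPT (rule 2)
with_drop    | verdict 203.0.113.7 22 vlan2   # DROP (rule 4)
with_drop    | verdict 95.181.21.42 22 vlan2  # ACCEPT (rule 2)
```

On a live router the same check can be fed from `iptables -vnL INPUT --line-numbers` instead of the embedded listing.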