I would also like to know how to do this. Im sure we could manually add whole IP ranges to the firewall. But that would HIGHLY involved and complicated. So an easy way would fantastic. _________________ Linksys WRT610n v1 - DD-WRT K26 v24-sp2 (03/24/10) mini-usb
(SVN revision 14144)
Linksys WRT350n(with WPC600N) - DD-WRT v24-sp2 (01/02/10) mini-usb-ftp (SVN revision 13577M NEWD Eko)
I would also like to know how to do this. Im sure we could manually add whole IP ranges to the firewall. But that would HIGHLY involved and complicated. So an easy way would fantastic.
I agree and that's why I asked. There seems to be ways though. I need Frater to chime in, he is the code geek on this stuff lol.
I just found this but again, I need to know how to do it in DD-WRT...
I just took a look at that script and it should be no problem. It will need a complete rewrite. DD-WRT loads the iptables from scratch every time so they need to get inserted into rc_firewall. I will do this with a link to save nvram.
It will be similar to the pixelserv script.
Today I will get my Asus RTN16 and my new mediaplayer (ACryan Playon!HD) so it may take a few days..... _________________ Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge
I did start on it this morning and I was already able to run a script, but I'm afraid it's not the way to go.
For China alone it will have 1646 rules and I think that it will slowdown your router significantly.
I would like to do some more research to see if we can't have a more intelligent approach to the problem. I assume you not only want to block China, but the whole of South East Asia.....
I'm currently playing with my new toy (The mediaplayer) _________________ Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge
You can add countries yourself (It's now China and Afghanistan) _________________ Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge
Joined: 06 Jun 2006 Posts: 3763 Location: I'm the one on the plate.
Posted: Mon Nov 02, 2009 20:50 Post subject:
frater wrote:
For China alone it will have 1646 rules..
I've been blocking non-domestic e-mail using IP ranges in a mail server I admin. If you go by the primary zones such as APNIC, RIPE, LACNIC, Etc, then you can get it down to about 250 total rules. The reason is that there are large contiguous blocks of addresses that cover multiple countries. I'll dig up the specifics and find the websites I used to get the data bases. _________________ http://69.175.13.131:8015 Streaming Week-End Disco. Station Ripper V 1.1 will do.
Last edited by GeeTek on Mon Nov 02, 2009 20:51; edited 1 time in total
You can add countries yourself (It's now China and Afghanistan)
Thanks Frater...I want to block India too to see what effect it has on browsing.
I tried to resolve "http://wd.mirmana.com/S95countryblock" and got nothing. I changed it to "http://www.mirmana.com/S95countryblock" and still got nothing.
I tried to resolve "http://wd.mirmana.com/S95countryblock" and got nothing. I changed it to "http://www.mirmana.com/S95countryblock" and still got nothing.
Are you in China?
You are not allowed to use your browser.
Use wget... _________________ Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge
I tried to resolve "http://wd.mirmana.com/S95countryblock" and got nothing. I changed it to "http://www.mirmana.com/S95countryblock" and still got nothing.
Are you in China?
You are not allowed to use your browser.
Use wget...
Nope, in the States. Thanks again....I'll get it working
I did several tests and am able to download stuff from abroad. I even downloaded the script just now from the States....
Here's an alternative:
http://pastebin.com/m24cb1f35 _________________ Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge
The example will block Asia but whitelists Japan. It will add all subnets from China and will block Afghanistan...
If whitelisting of Japan would have been left out, the amount of rules would only be 136 _________________ Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge
Joined: 24 Feb 2009 Posts: 2026 Location: Sol System > Earth > USA > Arkansas
Posted: Wed Nov 04, 2009 0:46 Post subject:
frater wrote:
It's an original idea of mine which doesn't mean nobody thought of it before....
Only if we were *all* a gifted scripter as yourself frater. _________________ E3000 22200M KongVPN K26
WRT600n v1.1 refirb mega 18767 BS K24 NEWD2 [not used]
WRT54G v2 16214 BS K24 [access point]
Try Dropbox for syncing files - get 2.5gb online for free by signing up.
Read! Peacock thread
*PLEASE* upgrade PAST v24SP1 or no support.
You can NOT get it with safari, firefox, IE... You'll need to use wget. _________________ Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge