Blocking Regions/Countries Help

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3
Author Message
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Fri Nov 06, 2009 23:39    Post subject: Reply with quote
Oh crap, dd-wrt flushes the entire filter table instead of just individual chains. I was thinking you could just leave it there after startup but nope...

I can't even seem to get it to execute .wanup or .if scripts at all.

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Sponsor
frater
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 2777

PostPosted: Fri Nov 06, 2009 23:54    Post subject: Reply with quote
Yes, all the rules are flushed every time.
The scripts have to be executable.

Here's an example run:

Code:
# service asiablock start
S95asiablock: Create static network to block
S95asiablock: network consists of 17 subnets
S95asiablock: Break down big network into Class A subnets
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/us.zone to /tmp/country
S95asiablock: Downloaded 38809 subnets from country us
S95asiablock: 77 subnets are in spamnet
S95asiablock: "aggregate" brought this down to 35 subnets
S95asiablock: A total of 35 exceptions to the general blocklist are found
S95asiablock: Create Hamlist
S95asiablock: Hamlist created
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/af.zone to /tmp/country
S95asiablock: Downloaded 17 subnets from country af
S95asiablock: "aggregate" brought this down to 16 subnets
S95asiablock: Checking 16 rules for country af
S95asiablock: 0 rules added for country af
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/cn.zone to /tmp/country
S95asiablock: Downloaded 1647 subnets from country cn
S95asiablock: "aggregate" brought this down to 873 subnets
S95asiablock: Checking 873 rules for country cn
S95asiablock: 15 rules added for country cn
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/in.zone to /tmp/country
S95asiablock: Downloaded 678 subnets from country in
S95asiablock: "aggregate" brought this down to 546 subnets
S95asiablock: Checking 546 rules for country in
S95asiablock: 21 rules added for country in
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/pk.zone to /tmp/country
S95asiablock: Downloaded 121 subnets from country pk
S95asiablock: "aggregate" brought this down to 106 subnets
S95asiablock: Checking 106 rules for country pk
S95asiablock: 1 rules added for country pk
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/my.zone to /tmp/country
S95asiablock: Downloaded 262 subnets from country my
S95asiablock: "aggregate" brought this down to 151 subnets
S95asiablock: Checking 151 rules for country my
S95asiablock: 6 rules added for country my
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/kh.zone to /tmp/country
S95asiablock: Downloaded 48 subnets from country kh
S95asiablock: "aggregate" brought this down to 46 subnets
S95asiablock: Checking 46 rules for country kh
S95asiablock: 0 rules added for country kh
S95asiablock: Removing /tmp/country
S95asiablock: A total of 60 blocks are found
S95asiablock: "aggregate" brought it down to 58 blocks
S95asiablock: Stop iptables
S95asiablock: Start iptables
S95asiablock: It took 4 seconds to load 96 rules into iptables

_________________
Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge

DD-WRT v24-sp2 vpn (c) 2010 NewMedia-NET GmbH
Release: 12/16/10 (SVN revision: 15758M)
xi Slick ix
DD-WRT Novice


Joined: 01 Jul 2010
Posts: 24

PostPosted: Thu Jul 01, 2010 15:26    Post subject: Question / Suggestion Reply with quote
**Sorry to bump a 7-month old post**

Just successfully got dd-wrt (13525)(micro) working on a wrt54gs v5. This particular model is mine, which will eventually be used in my apartment. My boss asked me last week if we could block China (thinking this was a fairly straightforward thing to do).

So for the first question, is an older linksys device (such as this one w/ 2mb flash & 16mb ram) advisable to use for this scenario, or do you suggest a newer router (such as the ASUS RT-N16) with way more resources?

Secondly has there been as change to the code / procedures listed in these posts since last November, or is that code as good as it gets at the moment?

Thanks!
Dark_Shadow
DD-WRT Guru


Joined: 31 Aug 2009
Posts: 2448
Location: Third Rock from the Sun

PostPosted: Thu Jul 01, 2010 15:55    Post subject: Re: Question / Suggestion Reply with quote
xi Slick ix wrote:
**Sorry to bump a 7-month old post**

Just successfully got dd-wrt (13525)(micro) working on a wrt54gs v5. This particular model is mine, which will eventually be used in my apartment. My boss asked me last week if we could block China (thinking this was a fairly straightforward thing to do).

So for the first question, is an older linksys device (such as this one w/ 2mb flash & 16mb ram) advisable to use for this scenario, or do you suggest a newer router (such as the ASUS RT-N16) with way more resources?

Secondly has there been as change to the code / procedures listed in these posts since last November, or is that code as good as it gets at the moment?

Thanks!
not enough flash space or ram on that older Linksys. I use the RT-N16 for my asiablock with frater's Optware, The Right Way.
_________________
Peacock Thread-FAQ -- dd-wrt Wiki

Testing Multiple Routers -- Bootloader Collection Project -- My Wiki
xi Slick ix
DD-WRT Novice


Joined: 01 Jul 2010
Posts: 24

PostPosted: Thu Jul 01, 2010 16:42    Post subject: Re: Question / Suggestion Reply with quote
Dark_Shadow wrote:
xi Slick ix wrote:
**Sorry to bump a 7-month old post**

Just successfully got dd-wrt (13525)(micro) working on a wrt54gs v5. This particular model is mine, which will eventually be used in my apartment. My boss asked me last week if we could block China (thinking this was a fairly straightforward thing to do).

So for the first question, is an older linksys device (such as this one w/ 2mb flash & 16mb ram) advisable to use for this scenario, or do you suggest a newer router (such as the ASUS RT-N16) with way more resources?

Secondly has there been as change to the code / procedures listed in these posts since last November, or is that code as good as it gets at the moment?

Thanks!
not enough flash space or ram on that older Linksys. I use the RT-N16 for my asiablock with frater's Optware, The Right Way.



Thanks for the heads up. I am most likely going to suggest the RT-N16 to my boss. Since time costs money, is there by chance a version of the dd-wrt firmware that can be purchased with this asia block method already configured (for the RT-N16)?

Thanks.
frater
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 2777

PostPosted: Thu Jul 01, 2010 16:52    Post subject: Re: Question / Suggestion Reply with quote
xi Slick ix wrote:
Thanks for the heads up. I am most likely going to suggest the RT-N16 to my boss. Since time costs money, is there by chance a version of the dd-wrt firmware that can be purchased with this asia block method already configured (for the RT-N16)?

Thanks.

There are some thinks I would love to see integrated in DD-WRT, but this isn't one of them due to its dynamic nature.

After installing USB storage it isn't that difficult to get going. Especially if you did it before.

_________________
Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge

DD-WRT v24-sp2 vpn (c) 2010 NewMedia-NET GmbH
Release: 12/16/10 (SVN revision: 15758M)
wifiphantom
DD-WRT Novice


Joined: 20 Jun 2011
Posts: 25

PostPosted: Sun Jul 10, 2011 9:42    Post subject: How to implement?? Reply with quote
Can I get a step by step guide on how you add this country block to DD-WRT?

Do I add a script and then hit the save start up button in commands?

Here is what I have as a start up script:

Code:
mkdir -p /opt/usr/sbin
wget -O /opt/usr/sbin/optlog http://wd.mirmana.com/optlog
ipkg-opt update
ipkg-opt install ipcalc
wget -O /opt/sbin/aggregate http://wd.mirmana.com/aggregate
chmod +x /opt/sbin/aggregate
wget -O /opt/etc/init.d/S95asiablock http://wd.mirmana.com/S95asiablock


Then I added the following iptable to the firewall:

Code:
iptables -I FORWARD -j asia


Help me figure this out please as I am a noob at this. lol
crashfly
DD-WRT Guru


Joined: 24 Feb 2009
Posts: 2026
Location: Sol System > Earth > USA > Arkansas

PostPosted: Sun Jul 10, 2011 17:45    Post subject: Reply with quote
Check the DD-WRT Wiki. It is already there.
http://www.dd-wrt.com/wiki/index.php/Optware%2C_the_Right_Way

_________________
E3000 22200M KongVPN K26
WRT600n v1.1 refirb mega 18767 BS K24 NEWD2 [not used]
WRT54G v2 16214 BS K24 [access point]

Try Dropbox for syncing files - get 2.5gb online for free by signing up.

Read! Peacock thread
*PLEASE* upgrade PAST v24SP1 or no support.
psychosquirrel
DD-WRT Novice


Joined: 22 Feb 2012
Posts: 8

PostPosted: Wed Feb 22, 2012 20:23    Post subject: Reply with quote
I have a Asus WL500W router running DD-WRT v24

What would be the ramifications of the following scenario:

Write an executable shell script that loads on startup the script would download the files used in peerblock to block IP addresses using wget. the file is then read and inserts each line from the files into the iptables using variables.

The questions I have is,

Would the script crash the router?
Outside of the iptables taking up resources, would the script take much more additional resources?
wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 889

PostPosted: Fri Feb 24, 2012 15:04    Post subject: Reply with quote
Why don't you just look into the wiki according to the post just above your own and search for "asiablock" on this forum. No need to reinvent the wheel.
Ampersand
DD-WRT User


Joined: 14 Jun 2009
Posts: 52

PostPosted: Mon Jan 21, 2013 19:14    Post subject: Reply with quote
Is it possible to block certain countries without having Optware installed but with jffs on Linksys E2000?
_________________
Asus WL-500GPv2 + OTRW (CABLE) - DD-WRT v24-sp2 (08/12/10) mini-usb-ftp - K24 build 14929
Asus RT-N16 + OTRW take2 (PPPoE) - DD-WRT king kongmod Release: 02/03/13 (SVN: 20500M)
Linksys E4200 + DD-WRT v24-sp2 (02/03/13) stdkong - build 20500M - Repeater Bridge
Goto page Previous  1, 2, 3 Display posts from previous:    Page 3 of 3
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum