Oh crap, dd-wrt flushes the entire filter table instead of just individual chains. I was thinking you could just leave it there after startup but nope...
I can't even seem to get it to execute .wanup or .if scripts at all. _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Yes, all the rules are flushed every time.
The scripts have to be executable.
Here's an example run:
Code:
# service asiablock start
S95asiablock: Create static network to block
S95asiablock: network consists of 17 subnets
S95asiablock: Break down big network into Class A subnets
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/us.zone to /tmp/country
S95asiablock: Downloaded 38809 subnets from country us
S95asiablock: 77 subnets are in spamnet
S95asiablock: "aggregate" brought this down to 35 subnets
S95asiablock: A total of 35 exceptions to the general blocklist are found
S95asiablock: Create Hamlist
S95asiablock: Hamlist created
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/af.zone to /tmp/country
S95asiablock: Downloaded 17 subnets from country af
S95asiablock: "aggregate" brought this down to 16 subnets
S95asiablock: Checking 16 rules for country af
S95asiablock: 0 rules added for country af
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/cn.zone to /tmp/country
S95asiablock: Downloaded 1647 subnets from country cn
S95asiablock: "aggregate" brought this down to 873 subnets
S95asiablock: Checking 873 rules for country cn
S95asiablock: 15 rules added for country cn
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/in.zone to /tmp/country
S95asiablock: Downloaded 678 subnets from country in
S95asiablock: "aggregate" brought this down to 546 subnets
S95asiablock: Checking 546 rules for country in
S95asiablock: 21 rules added for country in
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/pk.zone to /tmp/country
S95asiablock: Downloaded 121 subnets from country pk
S95asiablock: "aggregate" brought this down to 106 subnets
S95asiablock: Checking 106 rules for country pk
S95asiablock: 1 rules added for country pk
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/my.zone to /tmp/country
S95asiablock: Downloaded 262 subnets from country my
S95asiablock: "aggregate" brought this down to 151 subnets
S95asiablock: Checking 151 rules for country my
S95asiablock: 6 rules added for country my
S95asiablock: Downloading http://www.ipdeny.com/ipblocks/data/countries/kh.zone to /tmp/country
S95asiablock: Downloaded 48 subnets from country kh
S95asiablock: "aggregate" brought this down to 46 subnets
S95asiablock: Checking 46 rules for country kh
S95asiablock: 0 rules added for country kh
S95asiablock: Removing /tmp/country
S95asiablock: A total of 60 blocks are found
S95asiablock: "aggregate" brought it down to 58 blocks
S95asiablock: Stop iptables
S95asiablock: Start iptables
S95asiablock: It took 4 seconds to load 96 rules into iptables
_________________ Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge
Just successfully got dd-wrt (13525)(micro) working on a wrt54gs v5. This particular model is mine, which will eventually be used in my apartment. My boss asked me last week if we could block China (thinking this was a fairly straightforward thing to do).
So for the first question, is an older linksys device (such as this one w/ 2mb flash & 16mb ram) advisable to use for this scenario, or do you suggest a newer router (such as the ASUS RT-N16) with way more resources?
Secondly has there been as change to the code / procedures listed in these posts since last November, or is that code as good as it gets at the moment?
Just successfully got dd-wrt (13525)(micro) working on a wrt54gs v5. This particular model is mine, which will eventually be used in my apartment. My boss asked me last week if we could block China (thinking this was a fairly straightforward thing to do).
So for the first question, is an older linksys device (such as this one w/ 2mb flash & 16mb ram) advisable to use for this scenario, or do you suggest a newer router (such as the ASUS RT-N16) with way more resources?
Secondly has there been as change to the code / procedures listed in these posts since last November, or is that code as good as it gets at the moment?
Thanks!
not enough flash space or ram on that older Linksys. I use the RT-N16 for my asiablock with frater's Optware, The Right Way. _________________ Peacock Thread-FAQ -- dd-wrt Wiki
Just successfully got dd-wrt (13525)(micro) working on a wrt54gs v5. This particular model is mine, which will eventually be used in my apartment. My boss asked me last week if we could block China (thinking this was a fairly straightforward thing to do).
So for the first question, is an older linksys device (such as this one w/ 2mb flash & 16mb ram) advisable to use for this scenario, or do you suggest a newer router (such as the ASUS RT-N16) with way more resources?
Secondly has there been as change to the code / procedures listed in these posts since last November, or is that code as good as it gets at the moment?
Thanks!
not enough flash space or ram on that older Linksys. I use the RT-N16 for my asiablock with frater's Optware, The Right Way.
Thanks for the heads up. I am most likely going to suggest the RT-N16 to my boss. Since time costs money, is there by chance a version of the dd-wrt firmware that can be purchased with this asia block method already configured (for the RT-N16)?
Thanks for the heads up. I am most likely going to suggest the RT-N16 to my boss. Since time costs money, is there by chance a version of the dd-wrt firmware that can be purchased with this asia block method already configured (for the RT-N16)?
Thanks.
There are some thinks I would love to see integrated in DD-WRT, but this isn't one of them due to its dynamic nature.
After installing USB storage it isn't that difficult to get going. Especially if you did it before. _________________ Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge
What would be the ramifications of the following scenario:
Write an executable shell script that loads on startup the script would download the files used in peerblock to block IP addresses using wget. the file is then read and inserts each line from the files into the iptables using variables.
The questions I have is,
Would the script crash the router?
Outside of the iptables taking up resources, would the script take much more additional resources?
Why don't you just look into the wiki according to the post just above your own and search for "asiablock" on this forum. No need to reinvent the wheel.
Is it possible to block certain countries without having Optware installed but with jffs on Linksys E2000? _________________ Asus WL-500GPv2 + OTRW (CABLE) - DD-WRT v24-sp2 (08/12/10) mini-usb-ftp - K24 build 14929
Asus RT-N16 + OTRW take2 (PPPoE) - DD-WRT king kongmod Release: 02/03/13 (SVN: 20500M)
Linksys E4200 + DD-WRT v24-sp2 (02/03/13) stdkong - build 20500M - Repeater Bridge