2 linksys routers w/ DD-WRT bogged down because of wan! help

Antilycus
Posted: Thu Jun 28, 2012 23:52
First of all, I have been using DD-WRT for years to run my little consulting company. I recently (within the past two weeks) started hosting clients' .jpg e-mail signature logos and have noticed a massive slowdown on my company page (including the .jpg links), so http://www.url.com/images/company1.jpg would take 7 or 8 seconds to load.

I then look at the load on the WRT310n-v2 and it's pegged @ 100% all the time. The only way I could get into the device was to disconnect the WAN port and then I could http into it.

I ended up locking it out trying to upgrade the firmware and have since purchased a Linksys E900 @ 300 MHz, and the same thing has happened here. I have added tons and tons of blocks from Middle Eastern addresses but I still can't port 80 into it. Can someone please take a look into my firewall file and tell me what I am messing up?

I also am trying to port 80 traffic to 80.38.100.28 (lan webserver) and instead it goes to port 80 on the E900 and asks to sign in.

Please help.


-----
# save firewall
## - Drop the incoming signal/ipaddress - ##
## list from www.unixhub.com/block.html ##
#iptables -I FORWARD -s 74.125.225.0/24 -j REJECT (googles junk, i cant get to half the pages out there without keeping this in)
iptables -I FORWARD -s 219.0.0.0/8 -j DROP
iptables -I FORWARD -s 220.0.0.0/8 -j DROP
iptables -I FORWARD -s 221.0.0.0/8 -j DROP
iptables -I FORWARD -s 222.0.0.0/8 -j DROP
iptables -I FORWARD -s 210.0.0.0/8 -j DROP
iptables -I FORWARD -s 211.0.0.0/8 -j DROP
iptables -I FORWARD -s 200.0.0.0/8 -j DROP
iptables -I FORWARD -s 199.36.0.0/16 -j DROP
iptables -I FORWARD -s 199.95.207.0/24 -j DROP
iptables -I FORWARD -s 199.95.208.0/24 -j DROP
iptables -I FORWARD -s 209.67.38.99 -j DROP
iptables -I FORWARD -s 204.178.112.170 -j DROP
iptables -I FORWARD -s 216.52.13.39 -j DROP
iptables -I FORWARD -s 216.52.13.23 -j DROP
iptables -I FORWARD -s 209.204.128.0/18 -j DROP
iptables -I FORWARD -s 108.171.241.190 -j DROP
iptables -I FORWARD -s 199.36.74.127 -j DROP
iptables -I FORWARD -s 60.173.26.221 -j DROP
iptables -I FORWARD -s 199.192.153.26 -j DROP
iptables -I FORWARD -s 60.169.78.90 -j DROP
iptables -I FORWARD -s 76.164.231.83 -j DROP
iptables -I FORWARD -s 184.82.45.171 -j DROP
iptables -I FORWARD -s 17.174.60.77 -j DROP
iptables -I FORWARD -s 113.106.25.114 -j DROP
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j DNAT --to 80.38.100.28:80
iptables -A FORWARD -p tcp -d 80.38.100.28 --dport 80 -j ACCEPT

# this is supposed to help on the ddos attacks. I implemented this because I thought I was under DDOS which just lifted today (3 days after)
iptables -N rate_limit
iptables -F rate_limit
iptables -A rate_limit -p tcp --dport 22 -m limit --limit 3/min --limit-burst 3 -j ACCEPT
iptables -A rate_limit -p udp --dport 1194 -m limit --limit 3/min --limit-burst 3 -j ACCEPT
iptables -A rate_limit -p tcp --dport 80 -m limit --limit 7/sec -j ACCEPT
iptables -A rate_limit -p ICMP --icmp-type echo-request -m limit --limit 3/sec -j ACCEPT
#iptables -A rate_limit -p <protocol> --dport <port> -m limit --limit <x/sec/min/hr> --limit-burst X -j ACCEPT
iptables -A rate_limit -p ! ICMP -j LOG --log-prefix " Connection dropped!! "
iptables -A rate_limit -p tcp -j REJECT --reject-with tcp-reset
iptables -A rate_limit -p udp -j REJECT --reject-with icmp-port-unreachable
iptables -A rate_limit -j DROP

iptables -I INPUT -p ICMP --icmp-type echo-request -j rate_limit
iptables -I INPUT -p tcp --dport 22 -m state --state NEW -j rate_limit
iptables -I INPUT -p udp --dport 1194 -m state --state NEW -j rate_limit
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -j rate_limit
#iptables -I INPUT -p <protocol> --dport <port> -m state --state NEW -j rate_limit
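
Added example (not part of the original post): `iptables -I` with no rule number puts a rule at the top of its chain, while `-A` puts it at the bottom, below whatever the chain already held. The sketch below replays a constructed excerpt of the script above and prints the resulting order; the function names are hypothetical, and the firmware's own rules, which the page does not show, appear as a single placeholder line.

```shell
#!/bin/sh
# Constructed excerpt of the posted firewall script (sample input).
sample_rules() {
    cat <<'EOF'
iptables -I FORWARD -s 219.0.0.0/8 -j DROP
iptables -I FORWARD -s 220.0.0.0/8 -j DROP
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j DNAT --to 80.38.100.28:80
iptables -A FORWARD -p tcp -d 80.38.100.28 --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -j rate_limit
EOF
}

# effective_order CHAIN [TABLE]
# Reads iptables commands on stdin and prints the order in which the rules
# end up in CHAIN (table defaults to filter). Only -I without a rule number
# and -A are simulated; other operations (-N, -F, ...) are ignored.
effective_order() {
    awk -v chain="$1" -v table="${2:-filter}" '
    BEGIN { n = 1; rule[1] = "(rules already in the chain before this script ran)" }
    $1 != "iptables" { next }          # skips comments and blank lines
    {
        t = "filter"; op = ""; c = ""; spec = ""
        for (i = 2; i <= NF; i++) {
            if ($i == "-t") { t = $(i + 1); i++ }
            else if (op == "" && ($i == "-I" || $i == "-A")) {
                op = $i; c = $(i + 1); i++
            }
            else spec = spec (spec == "" ? "" : " ") $i
        }
        if (op == "" || c != chain || t != table) next
        if (op == "-A") {
            rule[++n] = spec           # append: lands after everything else
        } else {
            # insert: shift every rule down one slot, new rule becomes rule 1
            for (j = n; j >= 1; j--) rule[j + 1] = rule[j]
            rule[1] = spec; n++
        }
    }
    END { for (j = 1; j <= n; j++) print j ": " rule[j] }'
}

sample_rules | effective_order FORWARD
```

On the router itself, `iptables -L FORWARD -n -v --line-numbers` shows the real order together with per-rule packet counters.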