How to use Access Restrictions

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3, 4, 5, 6  Next
Author Message
Donny
DD-WRT Guru


Joined: 13 Nov 2008
Posts: 5266
Location: CENTRAL Midnowhere

PostPosted: Thu Nov 20, 2008 17:44    Post subject: Re: DD-WRT and Access Restrictions on a Linksys WRT54G v8 Ro Reply with quote
Maconvert wrote:
I need to know if I can set up the following access restrictions for one specific MAC address:



I believe that you can do all that you wish, except time when the particular websites are visited. I think you can either ban them outright, or allow them, but not time the access to particular websites.
Sponsor
Maconvert
DD-WRT Novice


Joined: 20 Nov 2008
Posts: 40

PostPosted: Thu Nov 20, 2008 18:00    Post subject: Re: DD-WRT and Access Restrictions on a Linksys WRT54G v8 Ro Reply with quote
That kind of sucks then, because that’s basically what the Linksys firmware already allows me to do.
Are you sure I can’t have selective filtering based on time?
Maconvert
DD-WRT Novice


Joined: 20 Nov 2008
Posts: 40

PostPosted: Thu Nov 20, 2008 18:08    Post subject: Reply with quote
Sweet!
So I can do what I want to do then.
The max amount of restriction schemes is 10 - correct?
What's the limit on the number of web address filtered in a particular scheme?
I think Linksys allows you to block 4 (or is it 6?).

Please let me know.

Cheers.
Maconvert
DD-WRT Novice


Joined: 20 Nov 2008
Posts: 40

PostPosted: Thu Nov 20, 2008 18:13    Post subject: Reply with quote
More than 4 though - right?
Kingdomcome
DD-WRT User


Joined: 24 Dec 2006
Posts: 134

PostPosted: Thu Nov 20, 2008 18:22    Post subject: Reply with quote
there are 9 fields in each section. you can always make another policy to get 9 more fields. if you have less than 9 urls to block, you should be able to accomplish this with 4 policies: deny 10-11:59; deny mid-6; filter 7-4:30 urls; filter 6-10 urls. theoretically you can block up to 36 urls by repeating the filter policies with 9 new urls. On a side note: make sure you set up your timezone and dst on the Setup page so the filters work when expected. Good Times
_________________
Maconvert
DD-WRT Novice


Joined: 20 Nov 2008
Posts: 40

PostPosted: Thu Nov 20, 2008 21:10    Post subject: Reply with quote
Hi,

So, the filters only go into effect during the times that I specify. I don’t have to even mention the times that full internet access is granted. That’s just assumed.
Am I correct in my understanding?
If so, I am going to upgrade my firmware this weekend.

Two more questions while I’m here:

How easy is it to revert back to the Linksys firmware if I decide to later?

Can I load the Linksys settings configuration file into the DD-WRT firmware so that I don’t have to re-do everything (login name, WEP key, channel, etc) by hand?

I look forward to your reply.

Cheers.
Kingdomcome
DD-WRT User


Joined: 24 Dec 2006
Posts: 134

PostPosted: Fri Nov 21, 2008 2:52    Post subject: Reply with quote
Normally access is granted 24/7, you then can use policies to narrow it down how you like. DO NOT try to copy and restore any settings. If you read a few of the threads on here and you will see more than 60% of the problems arise from not executing a hard reset before and after upgrading. You will save yourself a LOT of trouble by reading the wiki on upgrading (flashing) dd-wrt the first time and also for your particular unit as well. And read the first two post in "The Peacock Thread" to familiarize yourself with a few of the issue you may run across. Good Times
_________________
roadkiler
DD-WRT Novice


Joined: 11 Mar 2008
Posts: 5

PostPosted: Tue Dec 02, 2008 16:43    Post subject: Reply with quote
Hi to all,
i need some help with blocking internet access.

I have 2 linksys with eko firmware, 1 Access point and 1 client.
On the client i need to block any internet access, but i need to have full access to lan all the time.
How can i do it?


Best Regards
Donny
DD-WRT Guru


Joined: 13 Nov 2008
Posts: 5266
Location: CENTRAL Midnowhere

PostPosted: Tue Dec 02, 2008 17:06    Post subject: Reply with quote
roadkiler wrote:
On the client i need to block any internet access, but i need to have full access to lan all the time.
How can i do it?


Can't use access restrictions on a client repeater...has to be on the AP. Might be able to do it with IP tables, (but I don't know anything about that) but not on the standard access restriction webgui in the client.

_________________
Warning: I'm "out of my element!"
http://www.youtube.com/watch?v=MjYJ7zZ9BRw&NR=1

Peacock Thread Sticky- Just read it! (Anyone using SP1 will be taken out back and shot)
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=51486
baudm
DD-WRT Novice


Joined: 04 Nov 2008
Posts: 5

PostPosted: Tue Dec 02, 2008 17:35    Post subject: Reply with quote
Can anybody confirm if this is a bug or just by design: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=40343

In a nutshell: Blocked Ports seem to affect the source port, not the destination port. Basically, this means that port blocking is useless since the source ports doesn't really correspond to anything.

Code:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.1.2:139         192.168.1.50:1166       ESTABLISHED
tcp        0      0 192.168.1.2:46261       aa.bb.cc.dd:443          ESTABLISHED
tcp        0      0 192.168.1.2:44032       xx.xy.yy.zz:80            ESTABLISHED
tcp        0      0 192.168.1.2:60313       ab.cd.ef.gh:8080        TIME_WAIT
RoundSparrow
DD-WRT User


Joined: 28 Nov 2008
Posts: 112

PostPosted: Sat Dec 13, 2008 23:39    Post subject: Reply with quote
Not that the Policy programming wouldn't be an exercise in insanity... but has anyone tried altering dd-wrt programming to support 20 Policy rules instead of just 10?
hf
DD-WRT Novice


Joined: 20 Feb 2009
Posts: 5

PostPosted: Fri Feb 20, 2009 23:47    Post subject: Re: How to use Access Restrictions Reply with quote
Eko wrote:
3) "Deny" policy
- Deny policy completely blocks internet access. (filters are of course not used). If you need to deny internet access e.g form 10PM to 6AM, make 2 policies: 1st from 22:00 - 23:59; 2nd form 0:00 to 06:00


I am running DD-WRT v24-sp1 on WRT54GL and access restrictions do not work correctly.
I have exactly the scenario described by Eko.

Rule1: Deny, Everyday, 23:30-23:59, nothing else filled
Rule2: Deny, Everyday, 00:00-06:00, nothing else filled
no other rules.

Rule1 works correctly. Rule2 doesn't work. Internet is accessible from 00:00.
What could be wrong?

Thanks,
hf
Donny
DD-WRT Guru


Joined: 13 Nov 2008
Posts: 5266
Location: CENTRAL Midnowhere

PostPosted: Sat Feb 21, 2009 0:26    Post subject: Re: How to use Access Restrictions Reply with quote
hf wrote:
What could be wrong?


This?
hf wrote:
I am running DD-WRT v24-sp1


Upgrade to svn11296. Also, try 00:01 and make sure the restriction is enabled.

_________________
Warning: I'm "out of my element!"
http://www.youtube.com/watch?v=MjYJ7zZ9BRw&NR=1

Peacock Thread Sticky- Just read it! (Anyone using SP1 will be taken out back and shot)
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=51486
hf
DD-WRT Novice


Joined: 20 Feb 2009
Posts: 5

PostPosted: Sat Feb 21, 2009 8:04    Post subject: Re: How to use Access Restrictions Reply with quote
Donny wrote:
Upgrade to svn11296. Also, try 00:01 and make sure the restriction is enabled.

Hi,
Thanks for the answer. I tried 00:01 earlier and did not work. Of course the rules are both enabled.

I have upgraded to svn11296 NEWD std. I will see at midnight if it works.

Thanks,
hf
hf
DD-WRT Novice


Joined: 20 Feb 2009
Posts: 5

PostPosted: Sat Feb 21, 2009 23:57    Post subject: Re: How to use Access Restrictions Reply with quote
Donny wrote:
Upgrade to svn11296.


Still doesn't work Sad
What could be the problem? Rolling Eyes
Goto page Previous  1, 2, 3, 4, 5, 6  Next Display posts from previous:    Page 3 of 6
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum