Joined: 13 Nov 2008 Posts: 5266 Location: CENTRAL Midnowhere
Posted: Thu Nov 20, 2008 17:44 Post subject: Re: DD-WRT and Access Restrictions on a Linksys WRT54G v8 Ro
Maconvert wrote:
I need to know if I can set up the following access restrictions for one specific MAC address:
I believe that you can do all that you wish, except time when the particular websites are visited. I think you can either ban them outright, or allow them, but not time the access to particular websites.
Posted: Thu Nov 20, 2008 18:00 Post subject: Re: DD-WRT and Access Restrictions on a Linksys WRT54G v8 Ro
That kind of sucks then, because that’s basically what the Linksys firmware already allows me to do.
Are you sure I can’t have selective filtering based on time?
Sweet!
So I can do what I want to do then.
The max amount of restriction schemes is 10 - correct?
What's the limit on the number of web address filtered in a particular scheme?
I think Linksys allows you to block 4 (or is it 6?).
there are 9 fields in each section. you can always make another policy to get 9 more fields. if you have less than 9 urls to block, you should be able to accomplish this with 4 policies: deny 10-11:59; deny mid-6; filter 7-4:30 urls; filter 6-10 urls. theoretically you can block up to 36 urls by repeating the filter policies with 9 new urls. On a side note: make sure you set up your timezone and dst on the Setup page so the filters work when expected. Good Times _________________
So, the filters only go into effect during the times that I specify. I don’t have to even mention the times that full internet access is granted. That’s just assumed.
Am I correct in my understanding?
If so, I am going to upgrade my firmware this weekend.
Two more questions while I’m here:
How easy is it to revert back to the Linksys firmware if I decide to later?
Can I load the Linksys settings configuration file into the DD-WRT firmware so that I don’t have to re-do everything (login name, WEP key, channel, etc) by hand?
Normally access is granted 24/7, you then can use policies to narrow it down how you like. DO NOT try to copy and restore any settings. If you read a few of the threads on here and you will see more than 60% of the problems arise from not executing a hard reset before and after upgrading. You will save yourself a LOT of trouble by reading the wiki on upgrading (flashing) dd-wrt the first time and also for your particular unit as well. And read the first two post in "The Peacock Thread" to familiarize yourself with a few of the issue you may run across. Good Times _________________
Hi to all,
i need some help with blocking internet access.
I have 2 linksys with eko firmware, 1 Access point and 1 client.
On the client i need to block any internet access, but i need to have full access to lan all the time.
How can i do it?
Joined: 13 Nov 2008 Posts: 5266 Location: CENTRAL Midnowhere
Posted: Tue Dec 02, 2008 17:06 Post subject:
roadkiler wrote:
On the client i need to block any internet access, but i need to have full access to lan all the time.
How can i do it?
Can't use access restrictions on a client repeater...has to be on the AP. Might be able to do it with IP tables, (but I don't know anything about that) but not on the standard access restriction webgui in the client. _________________ Warning: I'm "out of my element!"
http://www.youtube.com/watch?v=MjYJ7zZ9BRw&NR=1
In a nutshell: Blocked Ports seem to affect the source port, not the destination port. Basically, this means that port blocking is useless since the source ports doesn't really correspond to anything.
Code:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.1.2:139 192.168.1.50:1166 ESTABLISHED
tcp 0 0 192.168.1.2:46261 aa.bb.cc.dd:443 ESTABLISHED
tcp 0 0 192.168.1.2:44032 xx.xy.yy.zz:80 ESTABLISHED
tcp 0 0 192.168.1.2:60313 ab.cd.ef.gh:8080 TIME_WAIT
Not that the Policy programming wouldn't be an exercise in insanity... but has anyone tried altering dd-wrt programming to support 20 Policy rules instead of just 10?
Posted: Fri Feb 20, 2009 23:47 Post subject: Re: How to use Access Restrictions
Eko wrote:
3) "Deny" policy
- Deny policy completely blocks internet access. (filters are of course not used). If you need to deny internet access e.g form 10PM to 6AM, make 2 policies: 1st from 22:00 - 23:59; 2nd form 0:00 to 06:00
I am running DD-WRT v24-sp1 on WRT54GL and access restrictions do not work correctly.
I have exactly the scenario described by Eko.
Rule1: Deny, Everyday, 23:30-23:59, nothing else filled
Rule2: Deny, Everyday, 00:00-06:00, nothing else filled
no other rules.
Rule1 works correctly. Rule2 doesn't work. Internet is accessible from 00:00.
What could be wrong?