iptables

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
View previous topic :: View next topic  
Author Message
dutch1918
DD-WRT Novice


Joined: 17 Jul 2006
Posts: 11
PostPosted: Mon Nov 06, 2006 22:03    Post subject: iptables Reply with quote
I have DD-WRT v23 SP2 installed using chillspot which is assigned 192.168.182.0/24. I note that the users on the wlan can still gain access to some web-gui that I don't want them to access. ie 192.168.1.1 and 192.168.0.1. How can I block these addresses using command shell?
Back to top View user's profile Send private message
Sponsor
dutch1918
DD-WRT Novice


Joined: 17 Jul 2006
Posts: 11
PostPosted: Tue Nov 14, 2006 14:54    Post subject: Reply with quote
anyone knows how to do iptables?
Back to top View user's profile Send private message
DeepBlueDiver
DD-WRT Novice


Joined: 14 Nov 2006
Posts: 10
Location: Argentina
PostPosted: Tue Nov 14, 2006 20:29    Post subject: Reply with quote
This will block TCP packets from 192.168.182.x to port 80 in 192.168.1.1 or in 192.168.0.1 :

iptables -I FORWARD 1 -s 192.168.182.0/24 -d 192.168.1.1 -p tcp --dport 80 -j DROP
iptables -I FORWARD 1 -s 192.168.182.0/24 -d 192.168.0.1 -p tcp --dport 80 -j DROP

Google "iptables man page" to learn more about iptables syntax.
Back to top View user's profile Send private message
dutch1918
DD-WRT Novice


Joined: 17 Jul 2006
Posts: 11
PostPosted: Wed Nov 29, 2006 12:59    Post subject: Reply with quote
DeepBlueDiver wrote:
This will block TCP packets from 192.168.182.x to port 80 in 192.168.1.1 or in 192.168.0.1 :

iptables -I FORWARD 1 -s 192.168.182.0/24 -d 192.168.1.1 -p tcp --dport 80 -j DROP
iptables -I FORWARD 1 -s 192.168.182.0/24 -d 192.168.0.1 -p tcp --dport 80 -j DROP

Google "iptables man page" to learn more about iptables syntax.


Thanks.. now if someone can tell me how to put those in the dd-wrt iptables so they don't drop out after a reboot I will be set.

BTW the "Block Web Page By URL" does not work.
Back to top View user's profile Send private message
Blackraven
DD-WRT User


Joined: 10 Jul 2006
Posts: 402
Location: NL
PostPosted: Wed Nov 29, 2006 13:42    Post subject: Reply with quote
under Administration -> Commands
type in the iptable commands
Then save firewall and they should appear under your firewall script
_________________
EA6900 DD-WRT v3.0-r48305 std
EA6900 FreshTomato 2022.1
DIR825 B1 DD-WRT v3.0-r30949 std
retired:
WRT54GL v1.1 DD-WRT v24-SP2 vpn - build 10550
WRT610N v1 DD-WRT v24-preSP2 - build 14929 mega
Back to top View user's profile Send private message
dutch1918
DD-WRT Novice


Joined: 17 Jul 2006
Posts: 11
PostPosted: Fri Dec 15, 2006 19:24    Post subject: Reply with quote
Blackraven wrote:
under Administration -> Commands
type in the iptable commands
Then save firewall and they should appear under your firewall script


Thanks.. Now if I understand things, say I want to add block port 25 from 192.168.182.0/24 I would use the following:

iptables -I FORWARD 2 -s 192.168.182.0/24 -p tcp --dport 25 -j DROP or should it be
iptables -I FORWARD 2 -s 192.168.182.0/24 -d anywhere -p tcp --dport 25 -j DROP
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum