12/1/2023 0 Comments Firewall builder install dd wrtThis is also the place where the commits/changes to the source are administrated. If you are sure you have discovered a bug, after asking and querying the forum, you can report a real bug in the bug tracker: Use the build threads from the former step to report success or problems.ġ3.ğor older Broadcom routers (Linksys WRT series) read the peacock thread although some of it is outdated: īuilds can be found in the Broadcom directory for Linux kernel 2.4, in Broadcom_K26 for Linux K2.6 and in Broadcom_K3X for Linux K3.X.ġ4. Search build threads with the search function and search on build number.ġ2. This is an example of a build thread for build 41328 for Broadcom routers: If your post is answered and your problem solved, mark your thread with (the header of your first post).ġ0.ĝo NOT use the router database, builds can be found at:Īll builds are beta including those from the router database.ġ1.ěefore uploading a new build to your router, research the build by looking in the build threads. When posting pictures make sure the maximum width is not more than 600 pixels.Ĩ.ĝo not hijack a thread, meaning do not post your own problem in someone else's thread. Give as much detail as you can also provide your network setup if applicable.ħ. When posting always state router model, build number and when applicable the Kernel version.ĭescribe your problem and how you think it can be solved. Post in the right forum, from the former step you can see if your router is Broadcom, Qualcomm/Atheros, Marvell or other, use that forum to post router specific questions, for networking questions post in the Advanced Networking forum and for other things in the General Questions forum.Ħ. In the supported devices wiki you can see what architecture your router has and if you are lucky also an install guide/wiki.ĥ. Research your router, start with the supported devices wiki:Ĥ. Here is an excerpt of the forum rules, the rules are there so that we can help you better and we can all profit from it:ģ. Maybe you already know them but I attached an excerpt below You get better help if you follow the forum rules, like describing your problem, stating router model/build, posting in the right forum etc. If you just want general information google is your friend, just search for "DDWRT best security settings ", our esteemed forum member has a strong opinion on this matter So what is your specific problem, are you under attack, are you seeing unauthorized traffic, do you want to block specific services/protocols, do you want a kill switch for the VPN? The most important thing for me is to not allow any remote access other then by OpenVPN. That does not mean you can not do things to enhance your security. If the fileserver is a linux host then just put iptables rules on the fileerver to reject the local hosts you dont want to have access.DDWRT is safe when using the default settings. #add this once to allow all other outgoing # this will block the service for every host on the network #for each outgoing service you want to block to all local host add one of these: # external service then you add one of these for each local client and external # if you only wanted to block the outgoing access for a given local IP to an Iptables -A INPUT -j REJECT -reject-with icmp-host-prohibited #for each local client that should not have fileserver access add one of these: Iptables -A INPUT -m state -state NEW -m udp -p udp -dport -j ACCEPT #for each incoming udp service you want to allow add one of these: Iptables -A INPUT -m state -state NEW -m tcp -p tcp -dport -j ACCEPT #for each incoming tcp service you want to allow add one of these: Iptables -A INPUT -m state -state ESTABLISHED,RELATED -j ACCEPT Iptables -A INPUT -p icmp -icmp-type any -j ACCEPT I'm not familir with the wrt distro, so I am not sure where you should put these rules. If they do need to go via the router then I have included a rule that I think will help. in the same IP network and the same physical segment) as the packet will not need to traverse the router to travel between them. Stopping the local clients acessing the file server may not be possible if they are on the same nertwork (i.e. I can't give you an exact answer, but the following should help and give you a rough idea.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |