Where is the machine that you're trying to connect from. Everything works correctly except 2 firewall rules: iptables -I INPUT -i br1 -p tcp -dport With these rules in place guests cannot get to the internet via a web browser. This will allow connections from any IP to access the https port, if you want to restrict so only one address can connect, then use: iptables -I INPUT -s -p tcp -dport 443 -j ACCEPT determine whether the firewall config is denying the https connection) is: iptables -I INPUT -p tcp -dport 443 -j ACCEPT The command you want to use to allow the https port (i.e. Check iptables -L to see what firewall ports are blocked/enabled. If the port is running then the next thing to check is the firewall. If you find an entry with https or 443, make a note of what ip address it's bound to. Log in via SSH and check whether the https port is listening for connections with: netstat -tl If the fileserver is a linux host then just put iptables rules on the fileerver to reject the local hosts you dont want to have access.First things first, are you hitting "Apply" and not just "Save" at the bottom of the config page? #add this once to allow all other outgoing I have some issues with the current stock firmware not giving ips to wifi. # this will block the service for every host on the network Netgear R9000 Nighthawk X10 Smart WiFi Router on SmallNetBuilder DD-WRT + and. #for each outgoing service you want to block to all local host add one of these: # external service then you add one of these for each local client and external # if you only wanted to block the outgoing access for a given local IP to an I put the Linksys firmware back on and everything works just fine. The signal seems not as strong as the default Linksys firmware. No complex setup, just the two Wi-Fi bands (2.4 & 5 GHz) with an Netgear Wi-Fi extender EX7500. Iptables -A INPUT -j REJECT -reject-with icmp-host-prohibited I have tried to run DD-WRT on my WRT3200 ACM. #for each local client that should not have fileserver access add one of these: Iptables -A INPUT -m state -state NEW -m udp -p udp -dport -j ACCEPT #for each incoming udp service you want to allow add one of these: Iptables -A INPUT -m state -state NEW -m tcp -p tcp -dport -j ACCEPT #for each incoming tcp service you want to allow add one of these: Iptables -A INPUT -m state -state ESTABLISHED,RELATED -j ACCEPT Iptables -A INPUT -p icmp -icmp-type any -j ACCEPT I'm not familir with the wrt distro, so I am not sure where you should put these rules. If they do need to go via the router then I have included a rule that I think will help. in the same IP network and the same physical segment) as the packet will not need to traverse the router to travel between them. This is explained in this article in DD-WRT wiki. Once jffs is mounted read-write, create directory '/jffs/firewall' where fwbuilder will store generated script. Instructions are provided in the DD-WRT wiki. Stopping the local clients acessing the file server may not be possible if they are on the same nertwork (i.e. First of all, activate JFFS/JFFS2 (Journaling Flash File System) on the firewall. I can't give you an exact answer, but the following should help and give you a rough idea.
0 Comments
Leave a Reply. |