Guest network isolation iptables

nightanole

So I have an Asus RT-N66U running Tomato.

These settings seem to do the trick for:
-keeping guests from getting access to the router
-keeping guests from getting access to the cable modem (192.168.100.1)
-keeping guests from hopping from their subnet to the main subnet

I've tested this as much as my amateur ability allows, but would like some opinions.

iptables -I INPUT -i br1 -m state --state NEW -j DROP
iptables -I INPUT -i br1 -p udp -m multiport --dports 53,67 -j ACCEPT
iptables -I FORWARD -i br1 -d 192.168.100.1 -j DROP
iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP


br1 is guest, br0 is main.
First line blocks everything from the router.
2nd line punches some holes so DHCP and DNS work.
3rd line blocks access to the modem.
4th line blocks hops from guest to main.
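As an added example (not part of nightanole's post, and not Tomato's own code), here is a small Python model of how netfilter walks these four rules. The point it shows is the ordering subtlety: each `iptables -I` inserts at the head of the chain, so the rules end up in the reverse of the order they were typed, and the udp 53/67 ACCEPT lands above the "DROP NEW" rule. If the same lines were applied with `-A` instead, the DROP would come first and guests would never get a DHCP lease. The model assumes a default chain policy of ACCEPT and ignores Tomato's own pre-existing rules (such as its ESTABLISHED/RELATED accept), so the "falls through to policy" verdicts are an assumption, not a statement about the real router. The Packet and Rule classes and the sample packets are constructed for illustration.

```python
"""Model first-match evaluation of the guest-isolation rules (illustrative only)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, FrozenSet, Tuple


@dataclass
class Packet:
    in_iface: str
    out_iface: Optional[str] = None   # None means the packet is for the router (INPUT)
    dst: str = "0.0.0.0"
    proto: str = "tcp"
    dport: int = 0
    state: str = "NEW"


@dataclass
class Rule:
    target: str
    in_iface: Optional[str] = None
    out_iface: Optional[str] = None
    dst: Optional[str] = None
    proto: Optional[str] = None
    dports: Optional[FrozenSet[int]] = None
    state: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        # Every specified match must hold; unspecified matches are wildcards.
        return (
            (self.in_iface is None or self.in_iface == p.in_iface)
            and (self.out_iface is None or self.out_iface == p.out_iface)
            and (self.dst is None or self.dst == p.dst)
            and (self.proto is None or self.proto == p.proto)
            and (self.dports is None or p.dport in self.dports)
            and (self.state is None or self.state == p.state)
        )


# The four rules from the post, in the order they were typed.
POST_RULES: List[Tuple[str, Rule]] = [
    ("INPUT", Rule("DROP", in_iface="br1", state="NEW")),
    ("INPUT", Rule("ACCEPT", in_iface="br1", proto="udp", dports=frozenset({53, 67}))),
    ("FORWARD", Rule("DROP", in_iface="br1", dst="192.168.100.1")),
    ("FORWARD", Rule("DROP", in_iface="br1", out_iface="br0", state="NEW")),
]


def build_chains(rules: List[Tuple[str, Rule]], insert: bool = True) -> Dict[str, List[Rule]]:
    """insert=True models `iptables -I` (head of chain); False models `-A` (tail)."""
    chains: Dict[str, List[Rule]] = {"INPUT": [], "FORWARD": []}
    for chain, rule in rules:
        if insert:
            chains[chain].insert(0, rule)
        else:
            chains[chain].append(rule)
    return chains


def verdict(chains: Dict[str, List[Rule]], chain: str, p: Packet, policy: str = "ACCEPT") -> str:
    """First matching rule decides; otherwise the (assumed) chain policy applies."""
    for rule in chains[chain]:
        if rule.matches(p):
            return rule.target
    return policy


def check_guest_isolation(insert: bool = True) -> Dict[str, str]:
    """Run constructed sample packets through the chains and report each verdict."""
    chains = build_chains(POST_RULES, insert=insert)
    samples = {
        # Guest asking the router for a DHCP lease (udp/67) and DNS (udp/53).
        "guest_dhcp": ("INPUT", Packet("br1", proto="udp", dport=67)),
        "guest_dns_udp": ("INPUT", Packet("br1", proto="udp", dport=53)),
        # DNS over TCP is not covered by the multiport rule, so it is dropped.
        "guest_dns_tcp": ("INPUT", Packet("br1", proto="tcp", dport=53)),
        # Guest trying to reach the router's web UI.
        "guest_router_http": ("INPUT", Packet("br1", proto="tcp", dport=80)),
        # Guest trying to reach the cable modem via the WAN side (eth0 assumed).
        "guest_modem": ("FORWARD", Packet("br1", out_iface="eth0", dst="192.168.100.1", dport=80)),
        # Guest hopping to the main LAN.
        "guest_to_main": ("FORWARD", Packet("br1", out_iface="br0", dst="192.168.1.10", dport=445)),
        # Guest going to the internet: no rule matches, policy (assumed ACCEPT) applies.
        "guest_internet": ("FORWARD", Packet("br1", out_iface="eth0", dst="93.184.216.34", dport=443)),
    }
    return {name: verdict(chains, chain, pkt) for name, (chain, pkt) in samples.items()}


if __name__ == "__main__":
    for mode, flag in (("-I", True), ("-A", False)):
        print(f"applied with {mode}:")
        for name, v in check_guest_isolation(insert=flag).items():
            print(f"  {name:18s} {v}")
```

Running it prints the verdicts for both application orders; the `-A` column is the one to look at when pasting rules into a firewall script that appends rather than inserts, because the DHCP and DNS packets flip from ACCEPT to DROP there.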
 