Friday, February 01, 2008

Manually configure OpenWRT to block outgoing connections

  • Log in to your router from the web with your favorite web browser (the default address is http://192.168.1.1)
  • Select the "System" tab, then the "File Editor" sub tab.
  • the file you want to edit is /etc/firewall.user
  • click the "Edit" button near the firewall.user file
  • scroll to the end of this file and paste the following:
    • for blocking from the entire LAN (the "-i $LAN" part selects all interfaces on the LAN side):
        iptables -A forwarding_rule -p udp -i $LAN --dport 5121 -j DROP
    • if we are using wifi split from the bridge, we can add this rule:
        [ -n "$WIFI" ] && iptables -A forwarding_rule -p udp -i $WIFI --dport 5121 -j DROP
    • to block a port from one machine on the LAN (example is 192.168.1.101) from reaching outside the router:
        iptables -A forwarding_rule -p udp -s 192.168.1.101 --dport 5121 -j DROP
  • save changes
  • apply changes
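
The rules above match only UDP traffic to port 5121, so TCP to the same port and every other port still pass. The following is an added example, not part of the original post: a small shell helper that prints rules in the same three forms for a chosen protocol, port and list of sources, validating the inputs first. It goes beyond the post by also accepting tcp, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: prints firewall.user lines in the form used in this post.
# gen_block_rules, valid_port and valid_ipv4 are hypothetical helper names;
# nothing here calls iptables, it only prints text to review and paste.

valid_port() {   # 0 if $1 is an integer in 1..65535 without leading zeros
    case "$1" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {   # 0 if $1 is a dotted quad with every octet in 0..255
    case "$1" in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_block_rules PROTO PORT SOURCE...
# SOURCE is "lan", "wifi", or the IPv4 address of one machine on the LAN.
gen_block_rules() {
    [ "$#" -ge 3 ] || { echo "usage: gen_block_rules udp|tcp PORT SOURCE..." >&2; return 2; }
    proto=$1; port=$2; shift 2
    case "$proto" in udp|tcp) ;; *) echo "bad protocol: $proto" >&2; return 2 ;; esac
    valid_port "$port" || { echo "bad port: $port" >&2; return 2; }
    # Validate every source first so a typo never yields a partial rule set.
    for src in "$@"; do
        case "$src" in
            lan|wifi) ;;
            *) valid_ipv4 "$src" || { echo "bad source: $src" >&2; return 2; } ;;
        esac
    done
    rule="iptables -A forwarding_rule -p $proto"
    for src in "$@"; do
        case "$src" in
            lan)  printf '%s -i $LAN --dport %s -j DROP\n' "$rule" "$port" ;;
            wifi) printf '[ -n "$WIFI" ] && %s -i $WIFI --dport %s -j DROP\n' "$rule" "$port" ;;
            *)    printf '%s -s %s --dport %s -j DROP\n' "$rule" "$src" "$port" ;;
        esac
    done
}

# Reproduces the three rules from the post.
gen_block_rules udp 5121 lan wifi 192.168.1.101
```

Running it once with udp and once with tcp for the same port gives a rule set that covers both protocols.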

1 Comments:

At 12:06 AM, Blogger Lunchbox said...

You seem to be focused on port 5121. How will blocking one port affect all outgoing connections?

 
