Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. HELLO_wORLD

    Tutorial Adding custom SSID and specific VLAN (for IOT for example)

    Hello, I will describe here my experience regarding the creation of an additional SSID (on top of the main and guest ones) on a R7800 in AP mode, with @Voxel's firmware, and having it in its own VLAN. So I have my main router (no wifi) under OpenWrt. The router is connected with ethernet to...
  2. HELLO_wORLD

    Voxel Best tunnel for R7800 (HW acceleration, perfs…)

    Hi dear community, I am about to get a tunnel to a good secondary provider, as my main one is having routing issues lately and I need to use VPN's a lot from LAN devices. Here are my choices: OpenVPN, Up to 100 Mbits/s L2TP, up to 2 Gbits/s EoIP, up to 2 Gbits/s IPIP, up to 1 Gbits/s 6in4, up...
  3. HELLO_wORLD

    One mirroring solution for IDS (my approach and solution)

    Hello all, As you may know if you read my recent posts in this forum, I was setting up an IDS system (Suricata), outside of the router (that is not strong enough to handle the IDS). So what I needed to do was to send a copy of all the packets/frames I want to monitor to the IDS device. I am...
  4. HELLO_wORLD

    Need help/advice with advanced networking interfaces needs

    Hello, I hope everyone is having a great Sunday :cool: I am looking for help from the master gurus out here. My goal is simple: I want to be able to capture in iptables some packets generated locally by raw sockets to tee them to my IDS (I am able to tee everything coming through the router...
  5. HELLO_wORLD

    IP source and destination not in LAN or public ip…

    Hi all, This question is wider than just NG routers, but we have our community here :) As you may have followed, I installed an IDS system to monitor any suspect activity, and I see some packets that have a source AND a destination IP that are not on my LAN (either private or public IP)...
  6. HELLO_wORLD

    [R7800] Deceived by WAN Port mirror to LAN port1

    I prepared my SBC (odroid N2+) to do some IDS (and to spare the router to do any analysis). I got a second ethernet port (USB3), connected it to the R7800 LAN1 and enabled the port mirroring (from debug page) It works, and installing an IDS software on the SBC listening to second ethernet port...
  7. HELLO_wORLD

    Entware Suricata

    Anyone using Suricata on their Voxel-Netgear router (with Entware)? https://suricata.io
  8. HELLO_wORLD

    Voxel Custom firmware build for Orbi RBK50/RBK53 (RBR50, RBS50) v. 9.2.5.2.19.1SF-HW

    Continuation of Custom firmware build for Orbi RBK50/RBK53 (RBR50, RBS50) v. 9.2.5.2.19SF-HW New version of Voxel custom firmware build: 9.2.5.2.19.1SF-HW. Changes (vs 9.2.5.2.19SF-HW): 1. Toolchain: Go is upgraded 1.17.7->1.17.8. 2. Upgrade dbus to 1.13.22. 3. Upgrade wget to 1.21.3. 4...
  9. HELLO_wORLD

    Voxel Custom firmware build for R7800 v. 1.0.2.92.3SF

    Continuation of Custom firmware build for R7800 v. 1.0.2.92SF Custom firmware build for R7800 v. 1.0.2.91SF & v. 1.0.2.91.1SF … New version of Voxel custom firmware build: 1.0.2.92.3SF. Changes (vs 1.0.2.92SF): 1. Toolchain: Go is upgraded 1.17.7->1.17.8. 2. Upgrade ubus to 2022-02-28. 3...
  10. HELLO_wORLD

    Voxel Custom firmware build for R9000/R8900 v. 1.0.4.58.2HF

    Continuation of: Custom firmware build for R9000/R8900 v. 1.0.4.58HF Custom firmware build for R9000/R8900 v. 1.0.4.57HF & v. 1.0.4.57.1HF … New version of Voxel custom firmware build: 1.0.4.58.2HF. Changes (vs 1.0.4.58HF): 1. Toolchain: Go is upgraded 1.17.7->1.17.8. 2. Upgrade ubus to...
  11. HELLO_wORLD

    Voxel Voxel Firmware Status

    For those who were not aware, @Voxel lives in Russia. The current geopolitical situation is making his personal situation very difficult, and we need to be aware that it is likely we won't have any new update for his firmwares for a while. I am not even sure he can access this forum anymore...
  12. HELLO_wORLD

    traceroute6 on R7800

    Hi all, I try to get traceroute6 on my R7800, since native traceroute does not implement IPv6. Entware does not offer traceroute6 as the iputils implementation on it does not come with it. I tried to build it, but it is a nested box situation: building iputils require meson, that requires...
  13. HELLO_wORLD

    R7800: understanding some packets emitted from router to APIPA address

    Hi, I try to understand some packets that my R7800 is sometimes attempting to send to the WAN. They are intercepted by Aegis, and are not frequent, so this is not a big issue, but I would like to know why they are emitted, and by which process? Here are two samples: IN= OUT=brwan SRC=[MY...
  14. HELLO_wORLD

    Alternative to ip6tables DNAT rule (DNS redirection)

    Hi, I currently have a NAS with a DNS server (mostly for DNS cache, local domains, and an ad-blocking sinkhole system). The DNS server points to the router’s Stubby as its resolver for encrypted DNS to WAN. I use DHCP (v4 and v6) to advertise to my LAN my NAS as the DNS resolver, and the router...
  15. HELLO_wORLD

    Cracked net-scan daemon

    I looked at the net-scan source code from NG, and I figured out how to trigger it from shell :) It is quite easy in fact: /usr/bin/killall -10 net-scan net-scan is a NG/DNI daemon launched at startup, that is able to scan LAN for devices, using ARP and NetBios. Its purpose is to get the list...
  16. HELLO_wORLD

    Discussion on improving the firewall

    Hello to all. In a constant quest to improve security of the firewall, I recently added some rules to deal with port scan. The idea of this thread is to share our experiences and experimentation to make our firewalls better. It is open to comments, critics, improvements, etc... Here is my...
  17. HELLO_wORLD

    Voxel rpfilter (reverse path filtering

    Hi all, I realized that sysctl net.ipv4.conf.*.rp_filter which perform reverse path filtering to detect invalid source address is set to 0 on my R7800. That seems strange for a router. It can be turned on changing sysctl settings, but: 1) sysctl method is now deprecated and work only for...
  18. HELLO_wORLD

    Aegis Aegis 1.7.x

    Due to new forum rules on threads older than six months, here is a fresh new one, good until August 2021. Previous thread Aegis A firewall blocklist script for Netgear R7800, R9000 and Orbi Routers with Voxel firmware. Should work with some other models as well. What is it? It is a script...
  19. HELLO_wORLD

    Aegis Aegis 1.7.0 beta

    Aegis 1.7.0 is available as a beta version. 1.7.0b: initial beta release 1.7.0b2: fixed "blocking 0 IP addresses" problem 1.7.0b3: added very basic privacy friendly metrics 1.7.0b4: added internal or external info to metrics 1.7.0b5: corrected some bugs, some in core, mostly in the web ui...
  20. HELLO_wORLD

    Voxel net-wall

    Hi all, I try to understand the logic of net-wall (the DNI binary version renamed net-wall-bin in @Voxel ’s firmware. We know its function is to start, restart or stop internal firewall, that it is opaque (not open source). It also build the default rules (with the rule argument). With -6...
Top