Search results
-
Country Whitelist and Explicit Deny with ipset
Thank you for you comments. I am embarrassed to say that I just used the original create-ipset-lists.sh script as the baseline and made some adjustments. For the most part, any incoming packet will filter through the suite of ipset rules prior to being allowed. The Whitelist is a leap of faith...- WQ6N
- Post #3
- Forum: Asuswrt-Merlin
-
Country Whitelist and Explicit Deny with ipset
First, I do wish to say thank you for the ipset wiki and ASUSWRT-Merlin resources. I have taken a different approach from the BlockedCountry ipset nethash configuration. Instead of creating lists for multiple blocked countries, I have created a WhitelistCountry ipset nethash, which is allowed...- WQ6N
- Thread
- ipset iptables whitelist blocklist
- Replies: 2
- Forum: Asuswrt-Merlin
-
VSERVER DNAT bypassing ipset filters
Thank you for your quick response. I understand the FORWARD chain relationship ingress to the LAN. As an example # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination DROP all -- anywhere anywhere match-set BlockTheWorld...- WQ6N
- Post #3
- Forum: Asuswrt-Merlin
-
VSERVER DNAT bypassing ipset filters
If this has been already vetted, please point me in the correct direction. New to the AC5300 and ASUSWRT-Merlin I am using the gui Port Forwarding to allow external access to internal DMZ servers. I have also set up iptables INPUT ipset filters to control ingress packets. However, it is...- WQ6N
- Thread
- vserver dnat ac5300 asuswrt-merlin
- Replies: 2
- Forum: Asuswrt-Merlin