Mr_Doughboy
Occasional Visitor
Hi,
I've just purchased an AC66U to replace my WNDR3700 due to signal issues. I currently have DD-WRT flashed on the WNDR3700 and am in the process of setting up my new AC66U.
One thing I've found is that the AC66U doesn't support custom commands, hence I'm going to flash to Asuswrt-Merlin.
I've got a few scripts that I'm running on DD-WRT that I need to port over. DD-WRT was really easy for a beginner to simply copy / paste commands into Startup / Firewall etc.
I need to block some specific IPs as well as route a specific device to a different DNS and also constantly monitor my connection to renew DHCP in case this goes down. For some reason my current modem supplied does not do this, hence having to use a script.
I've spent the past hour reading on how to set up scripts on this firmware. Can someone confirm this is the correct procedure, as I don't want to brick my new router / wear out JFFS prematurely?
Enable JFFS & Format as per admin GUI (Restart)
Use WINSCP & Login
Browse to JFFS
Create scripts folder if not already there
Inside JFFS create a file called services-start and paste the following:
"#!/bin/sh
# seconds between checks
WATCHDOG_SLEEP_SEC=60
# hostname or IP to ping
WATCHDOG_SITE=8.8.8.8
while sleep $WATCHDOG_SLEEP_SEC
do
    if ping -c 1 $WATCHDOG_SITE > /tmp/null
    then
        echo "$WATCHDOG_SITE ok"
    else
        logger "$WATCHDOG_SITE missed ping"
        sleep 4
        if ! ping -c 1 $WATCHDOG_SITE > /tmp/null
        then
            logger "$WATCHDOG_SITE down, refreshing DHCP"
            killall -SIGUSR2 udhcpc
            sleep 2
            killall -SIGUSR1 udhcpc
        fi
    fi
done 2>&1 & "
Create another file named firewall-start and paste the following:
dnsmasq -S 174.36.42.73 -R -i br0 -p 1054
iptables -I INPUT -s 62.253.3.75/83 -j DROP
iptables -I INPUT -s 62.252.170.140/147 -j DROP
iptables -I INPUT -s 62.252.44.12 -j DROP
iptables -I INPUT -s 62.252.0.0/16 -j DROP
iptables -t nat -A PREROUTING -p tcp -i br0 -s 192.168.0.5 --dport 53 -j DNAT --to $(nvram get lan_ipaddr):1054
iptables -t nat -A PREROUTING -p udp -i br0 -s 192.168.0.5 --dport 53 -j DNAT --to $(nvram get lan_ipaddr):1054
Save and then restart router.
Would this be the correct procedure? Also I'm assuming a ping command would not cause premature death of flash as we aren't talking about logs / storing here?
Sorry for the general n00bness but I'm fairly basic in terms of networking!
Thanks in advance
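An added example, not part of the original post: a pre-flight lint for the -s values in the firewall-start lines above, to run before the file is saved to the router. The helper names are hypothetical; the check only confirms that each source is a dotted-quad IPv4 address with an optional prefix length of 0 to 32, since a larger prefix is not a valid IPv4 mask.

```shell
#!/bin/sh
# Added example (helper names are hypothetical, not part of Asuswrt-Merlin).

# valid_ipv4_spec ADDR[/PREFIX]: succeed only for four octets 0-255 and,
# when a prefix is given, a decimal prefix length of 0-32.
valid_ipv4_spec() {
    spec=$1
    addr=${spec%%/*}
    prefix=32
    case $spec in */*) prefix=${spec#*/} ;; esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] 2>/dev/null || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into octets on "."
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
    return 0
}

# lint_rules: read rule lines on stdin, print every -s value of an iptables
# line that fails validation, and return 1 if any was printed.
lint_rules() {
    bad=0
    while IFS= read -r line; do
        case $line in iptables*" -s "*) ;; *) continue ;; esac
        src=${line#* -s }   # text after the first " -s "
        src=${src%% *}      # up to the next space
        valid_ipv4_spec "$src" || { echo "$src"; bad=1; }
    done
    return "$bad"
}

# The firewall-start lines from the post, kept literal by the quoted heredoc.
sample_rules() {
    cat <<'EOF'
dnsmasq -S 174.36.42.73 -R -i br0 -p 1054
iptables -I INPUT -s 62.253.3.75/83 -j DROP
iptables -I INPUT -s 62.252.170.140/147 -j DROP
iptables -I INPUT -s 62.252.44.12 -j DROP
iptables -I INPUT -s 62.252.0.0/16 -j DROP
iptables -t nat -A PREROUTING -p tcp -i br0 -s 192.168.0.5 --dport 53 -j DNAT --to $(nvram get lan_ipaddr):1054
iptables -t nat -A PREROUTING -p udp -i br0 -s 192.168.0.5 --dport 53 -j DNAT --to $(nvram get lan_ipaddr):1054
EOF
}

sample_rules | lint_rules || echo "invalid -s values listed above"
```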