What's new

How to block ip camera from accessing the internet

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I think I
YES, as clearly you did not actually physically perform the two commands that you say you used :rolleyes:

There is a difference between
Code:
./IPCamsBlock.sh    status
and
Code:
./IPCamsBlock.sh    init   status

The 'init' directive wipes ALL existing rules (i.e. deletes the MyIPCAMs chain) , then recreates the chain using the directives you specifiy, so is mandatory when the script is first called after a reboot i.e. from firewall-start/nat-start.

The script will always display the rules it creates when the 'init' keyword is used so the 'status' directive is always implied.

Have you now understood what you are doing wrong?

Ok I think I understand but to confirm, are you saying that my firewall-start file needs to be

Code:
#!/bin/sh

/jffs/scripts/IPCamsBlock.sh init mail=smtp.gmail.com:587

instead of just

Code:
#!/bin/sh

/jffs/scripts/IPCamsBlock.sh init

?

I'm sorry if I'm still not understanding you correctly I havent done scripting before especially not with routers/modems so I'm trying to learn as I go.

I appreciate you taking the time to help.
 
Ok I think I understand but to confirm, are you saying that my firewall-start file needs to be
Code:
#!/bin/sh

/jffs/scripts/IPCamsBlock.sh init mail=smtp.gmail.com:587

instead of just
Code:
#!/bin/sh

/jffs/scripts/IPCamsBlock.sh init
?.

Yes! :)
 
OK I'm sort of getting the hang of it. I have succesfully got the smtp rule applied. I enabled logscan, I tested the email sending which failed then did a logscan and found the entries when I tried to send the email.

Does any of this make sense?

Code:
Nov 2 00:19:40 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=UDP SPT=42646 DPT=53 LEN=40 Nov
[94m    2 00:19:41 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=TCP SPT=46483 DPT=53 Nov 2 00:19:41
[94m    kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=UDP SPT=42008 DPT=53 LEN=40 Nov 2 00:19:42 kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=TCP SPT=46483 DPT=53 Nov 2 00:19:44 kernel: DROP IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=TCP SPT=46483 DPT=53 Nov 2 00:19:45 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240
[94m    DST=208.67.222.222 PROTO=UDP SPT=37378 DPT=53 LEN=40 Nov 2 00:19:46 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222

EDIT:

Ok I figured something out but I don't know how to fix it.

In my router settings I "DISABLED" "Enable DNS-based Filtering" and then the email test worked.

So I guess the question is what do I need to do to have DNS-based Filtering enabled but still send the emails

I was using Open DNS Home.

Thanks.
 
Last edited:
OK I'm sort of getting the hang of it. I have succesfully got the smtp rule applied. I enabled logscan, I tested the email sending which failed then did a logscan and found the entries when I tried to send the email.

Does any of this make sense?

Code:
Nov 2 00:19:40 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=UDP SPT=42646 DPT=53 LEN=40 Nov
[94m    2 00:19:41 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=TCP SPT=46483 DPT=53 Nov 2 00:19:41
[94m    kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=UDP SPT=42008 DPT=53 LEN=40 Nov 2 00:19:42 kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=TCP SPT=46483 DPT=53 Nov 2 00:19:44 kernel: DROP IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222 PROTO=TCP SPT=46483 DPT=53 Nov 2 00:19:45 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240
[94m    DST=208.67.222.222 PROTO=UDP SPT=37378 DPT=53 LEN=40 Nov 2 00:19:46 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=208.67.222.222

EDIT:

Ok I figured something out but I don't know how to fix it.

In my router settings I "DISABLED" "Enable DNS-based Filtering" and then the email test worked.

So I guess the question is what do I need to do to have DNS-based Filtering enabled but still send the emails

I was using Open DNS Home.

Thanks.

The DROP'd packets you listed only refer to DNS Port 53 (DPT=53), not for Gmail SMTP Port 587 that you specified, so from the evidence you provided, the MyIPCAMs rules do not seem to be blocking the emails.
 
Sorry to bother you again @Martineau but i've been having a problem lately.

The blocking works fine and then all of a sudden it just stops allowing my gmail smtp 587.

I enabled logdrop and was able to see the time it started blocking it. Have you any idea why this might be happening?

my firewall-start file is

Code:
#!/bin/sh

/jffs/scripts/IPCamsBlock.sh init logdrop mail=smtp.gmail.com:587

here is the logdrop

Code:
[94m    Jan 30 04:49:05 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70    PROTO=TCP     SPT=34037     DPT=37777 Jan    30
[94m    04:49:05 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46507    DPT=37777     Jan     30 04:49:05    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34814 DPT=37777 Jan    30     04:49:05     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46509 DPT=37777 Jan 30 04:49:05    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.71 PROTO=TCP SPT=58295 DPT=37777 Jan 30 04:49:05 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.71    PROTO=TCP
[94m    SPT=58296 DPT=37777 Jan 30 04:49:07 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.69    PROTO=TCP SPT=34812    DPT=37777
[94m    Jan 30 04:49:07 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70    PROTO=TCP     SPT=34036     DPT=37777 Jan    30
[94m    04:49:07 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.66 PROTO=TCP SPT=53935    DPT=37777     Jan     30 04:49:07    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70 PROTO=TCP SPT=34037 DPT=37777 Jan    30     04:49:07     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.66 PROTO=TCP SPT=53936 DPT=37777 Jan 30 04:49:07    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.69 PROTO=TCP SPT=34814 DPT=37777 Jan 30 04:49:07 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP
[94m    SPT=46507 DPT=37777 Jan 30 04:49:07 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.71    PROTO=TCP SPT=58295    DPT=37777
[94m    Jan 30 04:49:07 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP     SPT=46509     DPT=37777 Jan    30
[94m    04:49:07 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.71 PROTO=TCP SPT=58296    DPT=37777     Jan     30 04:49:07    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108 PROTO=TCP SPT=52781 DPT=587 Jan    30     04:49:08     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108 PROTO=TCP SPT=52781 DPT=587 Jan 30 04:49:10    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=74.125.24.108 PROTO=TCP SPT=52781 DPT=587 Jan 30 04:49:34 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.66    PROTO=TCP
[94m    SPT=53947 DPT=37777 Jan 30 04:49:34 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.66    PROTO=TCP SPT=53948    DPT=37777
[94m    Jan 30 04:49:34 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70    PROTO=TCP     SPT=34045     DPT=37777 Jan    30
[94m    04:49:34 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34826    DPT=37777     Jan     30 04:49:34    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34827 DPT=37777 Jan    30     04:49:34     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70 PROTO=TCP SPT=34048 DPT=37777 Jan 30 04:49:34    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.72 PROTO=TCP SPT=46523 DPT=37777 Jan 30 04:49:34 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.71    PROTO=TCP
[94m    SPT=58307 DPT=37777 Jan 30 04:49:34 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.71    PROTO=TCP SPT=58308    DPT=37777
[94m    Jan 30 04:49:34 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP     SPT=46526     DPT=37777 Jan    30
[94m    04:49:35 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.66 PROTO=TCP SPT=53948    DPT=37777     Jan     30 04:49:35    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70 PROTO=TCP SPT=34045 DPT=37777 Jan    30     04:49:35     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.66 PROTO=TCP SPT=53947 DPT=37777 Jan 30 04:49:35    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.69 PROTO=TCP SPT=34827 DPT=37777 Jan 30 04:49:35 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.71    PROTO=TCP
[94m    SPT=58308 DPT=37777 Jan 30 04:49:35 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.70    PROTO=TCP SPT=34048    DPT=37777
[94m    Jan 30 04:49:35 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69    PROTO=TCP     SPT=34826     DPT=37777 Jan    30
[94m    04:49:35 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.71 PROTO=TCP SPT=58307    DPT=37777     Jan     30 04:49:35    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46523 DPT=37777 Jan    30     04:49:35     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46526 DPT=37777 Jan 30 04:49:37    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.66 PROTO=TCP SPT=53948 DPT=37777 Jan 30 04:49:37 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.69    PROTO=TCP
[94m    SPT=34827 DPT=37777 Jan 30 04:49:37 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.70    PROTO=TCP SPT=34045    DPT=37777
[94m    Jan 30 04:49:37 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70    PROTO=TCP     SPT=34048     DPT=37777 Jan    30
[94m    04:49:37 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.71 PROTO=TCP SPT=58308    DPT=37777     Jan     30 04:49:37    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34826 DPT=37777 Jan    30     04:49:37     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46526 DPT=37777 Jan 30 04:49:37    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.71 PROTO=TCP SPT=58307 DPT=37777 Jan 30 04:49:37 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP
[94m    SPT=46523 DPT=37777 Jan 30 04:49:37 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.66    PROTO=TCP SPT=53947    DPT=37777
[94m    Jan 30 04:49:42 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108    PROTO=TCP     SPT=52794     DPT=587 Jan    30
[94m    04:49:43 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108 PROTO=TCP SPT=52794    DPT=587     Jan     30 04:49:45    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108 PROTO=TCP SPT=52794 DPT=587 Jan    30     04:50:04     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70 PROTO=TCP SPT=34054 DPT=37777 Jan 30 04:50:04    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.70 PROTO=TCP SPT=34055 DPT=37777 Jan 30 04:50:04 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.66    PROTO=TCP
[94m    SPT=53959 DPT=37777 Jan 30 04:50:04 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.66    PROTO=TCP SPT=53963    DPT=37777
[94m    Jan 30 04:50:04 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.71    PROTO=TCP     SPT=58316     DPT=37777 Jan    30
[94m    04:50:04 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34840    DPT=37777     Jan     30 04:50:04    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46535 DPT=37777 Jan    30     04:50:04     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34842 DPT=37777 Jan 30 04:50:04    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.71 PROTO=TCP SPT=58320 DPT=37777 Jan 30 04:50:04 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP
[94m    SPT=46538 DPT=37777 Jan 30 04:50:05 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.66    PROTO=TCP SPT=53963    DPT=37777

Why would it all of a sudden start blocking the gmail?

I should add, it was definately allowing emails through @ 4:11am however around the 4:47am mark it stopped.

Thanks.
 
Sorry to bother you again @Martineau but i've been having a problem lately.

The blocking works fine and then all of a sudden it just stops allowing my gmail smtp 587.

I enabled logdrop and was able to see the time it started blocking it. Have you any idea why this might be happening?

my firewall-start file is

Code:
#!/bin/sh

/jffs/scripts/IPCamsBlock.sh init logdrop mail=smtp.gmail.com:587

here is the logdrop

Code:
[94m    Jan 30 04:49:05 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70    PROTO=TCP     SPT=34037     DPT=37777 Jan    30
[94m    04:49:05 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46507    DPT=37777     Jan     30 04:49:05    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34814 DPT=37777 Jan    30     04:49:05     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46509 DPT=37777 Jan 30 04:49:05    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.71 PROTO=TCP SPT=58295 DPT=37777 Jan 30 04:49:05 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.71    PROTO=TCP
[94m    SPT=58296 DPT=37777 Jan 30 04:49:07 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.69    PROTO=TCP SPT=34812    DPT=37777
[94m    Jan 30 04:49:07 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70    PROTO=TCP     SPT=34036     DPT=37777 Jan    30
[94m    04:49:07 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.66 PROTO=TCP SPT=53935    DPT=37777     Jan     30 04:49:07    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70 PROTO=TCP SPT=34037 DPT=37777 Jan    30     04:49:07     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.66 PROTO=TCP SPT=53936 DPT=37777 Jan 30 04:49:07    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.69 PROTO=TCP SPT=34814 DPT=37777 Jan 30 04:49:07 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP
[94m    SPT=46507 DPT=37777 Jan 30 04:49:07 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.71    PROTO=TCP SPT=58295    DPT=37777
[94m    Jan 30 04:49:07 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP     SPT=46509     DPT=37777 Jan    30
[94m    04:49:07 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.71 PROTO=TCP SPT=58296    DPT=37777     Jan     30 04:49:07    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108 PROTO=TCP SPT=52781 DPT=587 Jan    30     04:49:08     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108 PROTO=TCP SPT=52781 DPT=587 Jan 30 04:49:10    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=74.125.24.108 PROTO=TCP SPT=52781 DPT=587 Jan 30 04:49:34 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.66    PROTO=TCP
[94m    SPT=53947 DPT=37777 Jan 30 04:49:34 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.66    PROTO=TCP SPT=53948    DPT=37777
[94m    Jan 30 04:49:34 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70    PROTO=TCP     SPT=34045     DPT=37777 Jan    30
[94m    04:49:34 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34826    DPT=37777     Jan     30 04:49:34    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34827 DPT=37777 Jan    30     04:49:34     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70 PROTO=TCP SPT=34048 DPT=37777 Jan 30 04:49:34    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.72 PROTO=TCP SPT=46523 DPT=37777 Jan 30 04:49:34 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.71    PROTO=TCP
[94m    SPT=58307 DPT=37777 Jan 30 04:49:34 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.71    PROTO=TCP SPT=58308    DPT=37777
[94m    Jan 30 04:49:34 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP     SPT=46526     DPT=37777 Jan    30
[94m    04:49:35 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.66 PROTO=TCP SPT=53948    DPT=37777     Jan     30 04:49:35    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70 PROTO=TCP SPT=34045 DPT=37777 Jan    30     04:49:35     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.66 PROTO=TCP SPT=53947 DPT=37777 Jan 30 04:49:35    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.69 PROTO=TCP SPT=34827 DPT=37777 Jan 30 04:49:35 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.71    PROTO=TCP
[94m    SPT=58308 DPT=37777 Jan 30 04:49:35 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.70    PROTO=TCP SPT=34048    DPT=37777
[94m    Jan 30 04:49:35 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69    PROTO=TCP     SPT=34826     DPT=37777 Jan    30
[94m    04:49:35 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.71 PROTO=TCP SPT=58307    DPT=37777     Jan     30 04:49:35    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46523 DPT=37777 Jan    30     04:49:35     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46526 DPT=37777 Jan 30 04:49:37    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.66 PROTO=TCP SPT=53948 DPT=37777 Jan 30 04:49:37 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.69    PROTO=TCP
[94m    SPT=34827 DPT=37777 Jan 30 04:49:37 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.70    PROTO=TCP SPT=34045    DPT=37777
[94m    Jan 30 04:49:37 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70    PROTO=TCP     SPT=34048     DPT=37777 Jan    30
[94m    04:49:37 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.71 PROTO=TCP SPT=58308    DPT=37777     Jan     30 04:49:37    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34826 DPT=37777 Jan    30     04:49:37     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46526 DPT=37777 Jan 30 04:49:37    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.71 PROTO=TCP SPT=58307 DPT=37777 Jan 30 04:49:37 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP
[94m    SPT=46523 DPT=37777 Jan 30 04:49:37 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.66    PROTO=TCP SPT=53947    DPT=37777
[94m    Jan 30 04:49:42 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108    PROTO=TCP     SPT=52794     DPT=587 Jan    30
[94m    04:49:43 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108 PROTO=TCP SPT=52794    DPT=587     Jan     30 04:49:45    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=74.125.24.108 PROTO=TCP SPT=52794 DPT=587 Jan    30     04:50:04     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.70 PROTO=TCP SPT=34054 DPT=37777 Jan 30 04:50:04    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.70 PROTO=TCP SPT=34055 DPT=37777 Jan 30 04:50:04 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.66    PROTO=TCP
[94m    SPT=53959 DPT=37777 Jan 30 04:50:04 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.66    PROTO=TCP SPT=53963    DPT=37777
[94m    Jan 30 04:50:04 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.71    PROTO=TCP     SPT=58316     DPT=37777 Jan    30
[94m    04:50:04 kernel: DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34840    DPT=37777     Jan     30 04:50:04    kernel:
[94m    DROP IN=br0 OUT=eth0 SRC=192.168.0.240 DST=10.1.1.72 PROTO=TCP SPT=46535 DPT=37777 Jan    30     04:50:04     kernel: DROP    IN=br0
[94m    OUT=eth0 SRC=192.168.0.240 DST=10.1.1.69 PROTO=TCP SPT=34842 DPT=37777 Jan 30 04:50:04    kernel:     DROP     IN=br0 OUT=eth0    SRC=192.168.0.240
[94m    DST=10.1.1.71 PROTO=TCP SPT=58320 DPT=37777 Jan 30 04:50:04 kernel: DROP    IN=br0     OUT=eth0     SRC=192.168.0.240 DST=10.1.1.72    PROTO=TCP
[94m    SPT=46538 DPT=37777 Jan 30 04:50:05 kernel: DROP IN=br0 OUT=eth0    SRC=192.168.0.240     DST=10.1.1.66    PROTO=TCP SPT=53963    DPT=37777

Why would it all of a sudden start blocking the gmail?

I should add, it was definately allowing emails through @ 4:11am however around the 4:47am mark it stopped.

Thanks.

There’s a new feature in Skynet, which would possibly greatly simplfy what you are teying to do:

https://www.snbforums.com/threads/skynet-asus-firewall-addition.16798/page-198#post-461835
 
Thanks I will definately check that out when I have some time! Quick question though, can gmail be allowed through as this code is supposed to?
Good point. I don’t know; I know @Adamm has made provision for NTP access. Hopefully, he’ll come back to you with the definitive answer. It’s very early days for this new feature, and I’m sure requirements like yours will help Adam expand its abilities.
 
Last edited:
as someone with two hikvision ip cams (no nvr) using line cross and intrusion recording and phone alerts, let me just add that camera placement may mitigate your IOT privacy paranoia. by using cams only at doorways and parameters instead of inside your living space, it may not really matter to you what the camera may be doing beyond your own needs.
 
Sorry to bother you again @Martineau but i've been having a problem lately.

The blocking works fine and then all of a sudden it just stops allowing my gmail smtp 587.

I enabled logdrop and was able to see the time it started blocking it. Have you any idea why this might be happening?

Why would it all of a sudden start blocking the gmail?

I should add, it was definately allowing emails through @ 4:11am however around the 4:47am mark it stopped.

You would need to display the status of the firewall rules to ensure that the rule to allow Gmail smtp:587 hasn't been deleted or preceded by a new global DROP rule.

Perhaps there is an inappropriate firewall restart event that occurred @04:47? (you would need to examine Syslog) as in some environments, duplicate copies of firewall-start/nat-start may be executed incorrectly.
 
as someone with two hikvision ip cams (no nvr) using line cross and intrusion recording and phone alerts, let me just add that camera placement may mitigate your IOT privacy paranoia. by using cams only at doorways and parameters instead of inside your living space, it may not really matter to you what the camera may be doing beyond your own needs.

True it would mitigate privacy paranoia but not the risk posed to other devices on the LAN by an IoT surveillance DVR getting infected and becoming part of a botnet.
 
Reporting following;

Wasn't sure whether to post this here for @Martineau or @RMerlin firmware thread.

With IPCamsBlock script in use; in the router's WebUI in Admin->System page simply click "Apply", no changes, & full internet access ie website loading is allowed for several+ seconds for any network devices that are blocked by IPCamsBlock script.
Above also happens if changing the block/unblock status on any device in Client status list, regardless of IPGroup range, within WebUI. So lets say you have device1-device5 blocked by IPGroup, but not deviceA. If you change deviceA status to block, then device1-device10 now have internet access for several seconds.
EDIT: Same happens if "Time Scheduling" is changed.


Not sure if the same happens if blocking from within WebUI & not using script, from limited testing didn't seem to.


This is on AC3200 with 384.12 after a hard factory wipe/reset.
 
Last edited:
Saving configuration changes initiates various tables to be wiped then recreated so depending on the particular setup, yes, there can be a (hopefully) short moment when, again depending on your individual scenario, some systems may be able to access the internet when they should not in general, as well as the reverse, where some devices won't be able to access the internet.

This isn't what I would call a bug perse, it is a timing issue mitigated by the speed of the processor in your router.
One workaround would be to disable your WAN connection, then make the configuration changes, then reestablish the WAN.

Ultimately, it doesn't sound like something that you would be doing very often so hopefully not a big deal.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top