Hi All,
In the ASUS firmware it is possible to set up port forwarding. I am looking for a way to limit access from outside to a forwarded port.
So far I have figured out it is set up in iptables with the vserver rules.
Code:
-A VSERVER -p tcp -m tcp --dport <FORWARDED PORT> -j DNAT --to-destination <INSIDE IP>:<INSIDE PORT>
I figured out a way to alter that line to this:
Code:
-A VSERVER -p tcp -m tcp -s <ALLOWED OUTSIDE IP> --dport <FORWARDED PORT> -j DNAT --to-destination <INSIDE IP>:<INSIDE PORT>
I also found out this section is in /tmp/redirect_rules.
Now my questions:
Would it be possible in future releases to limit access to forwarded ports so I don't have to tinker with it?
Would it actually work like this?
Is there a way to make this stick so after a reboot this will still be filtered?
How can I initiate a firewall restart from the command line?
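The rule change described in the post above, as an added example that is not part of the original post or of the firmware: a filter that adds a source restriction to the VSERVER DNAT rule for one forwarded port and leaves other ports and already source-limited rules untouched. The function name `restrict_vserver`, the sample addresses and the iptables-restore style layout of the sample are assumptions; the script only transforms text and does not load any rules.

```shell
#!/bin/sh
# Added example (not firmware code). Reads iptables-restore style lines on
# stdin and writes them to stdout with "-s <allowed_src>" added to the
# VSERVER DNAT rule for the given forwarded port.
# usage: restrict_vserver <forwarded_port> <allowed_src>
restrict_vserver() {
    awk -v port="$1" -v src="$2" '
    # Only consider DNAT rules appended to the VSERVER chain.
    $1 == "-A" && $2 == "VSERVER" && /-j DNAT/ {
        has_src = 0; match_port = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-s" || $i == "--source") has_src = 1
            if ($i == "--dport" && $(i + 1) == port) match_port = 1
        }
        # Skip other ports and rules that already carry a source match.
        if (match_port && !has_src)
            sub(/ --dport /, " -s " src " --dport ")
    }
    { print }
    '
}

# Constructed sample (made-up addresses; layout assumed, not copied from
# a real /tmp/redirect_rules).
sample_rules() {
cat <<'EOF'
*nat
:VSERVER - [0:0]
-A VSERVER -p tcp -m tcp --dport 8443 -j DNAT --to-destination 192.168.1.20:443
-A VSERVER -p tcp -m tcp --dport 2222 -j DNAT --to-destination 192.168.1.30:22
-A VSERVER -s 198.51.100.7/32 -p tcp -m tcp --dport 8443 -j DNAT --to-destination 192.168.1.21:443
COMMIT
EOF
}

# Restrict the forward on port 8443 to a single outside address.
sample_rules | restrict_vserver 8443 203.0.113.10
```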