P
podkaracz
Guest
Asus does not offer the option to just disable NAT helper. I don't know if they have fixed it, but last time I checked a few years ago, setting this to Disable had the unfortunate side-effect of also actively blocking that port, preventing for instance SIP from working.
(1) Are Asus routers running ASUSWRT-Merlin affected by NAT Slipstreaming? Mitigations? | Page 2 | SmallNetBuilder Forums (snbforums.com)
I looked around the forum and there was discussion on that topic already ehh. November 2020 the conclusion was to disable everything in tab NAT Passthrough as well as command line master @ColinTaylor suggested adding
modprobe -r nf_nat_ftp
modprobe -r nf_conntrack_ftp
to /jffs/scripts/firewall-start
Is executing those scripts via ssh on asus latest firmware (not merlin) will work or i need custom jffs scripts from merlin functionality?
Also here is a mention about nat slipstreaming
DNSPOOQ - JSOF (jsof-tech.com)
Maybe dnsmasq fixes had impact on those settings as well because mention of nat slipstreaming is part of latest vulnerabilities disclosed by JSOF as well as SAD dns or smth.
Also was SAD dns patched already on asus routers? Becuase from what i see its suggest to disable outgoing ICMP whatever that is.
Last edited by a moderator: