1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Access restrictions / outbound rules on WAG54G, WRT54G etc

Discussion in 'Networking Issues' started by MattM, May 13, 2005.

  1. MattM

    MattM Network Guru Member

    Hi folks,

    Looking for info on rule conflicts with the WAG54G/WRT54G (the WRV54G looks identical too). On the access restrictions tab we want to be able to first pop a blanket deny for a particular service (eg. SMTP) then have a specific allow for a couple of particular computers.

    Unfortunately the computers in question could be at different ends of the local subnet so we couldn't just have a deny rule in place applying to two IP ranges.

    By default does the WAG54G (I'm assuming the WRT and the WRV work similarly but that's perhaps a dangerous assumption) go with the most stringent rule if it sees a conflict (ie. a blanket deny to the subnet, then a specific allow to a particular computer) or does it go with the allow?

    Any help greatly appreciated.

    Cheers,
    Matt
     
  2. MattM

    MattM Network Guru Member

    Just for information and to assist others happening to read this, we've now largely figured this one out. Using a WRV54G running firmware 2.37 we found the following:

    Default behaviour of the router is to allow all traffic until a rule is created and enabled, even if that rule is an "allow" rule. At that point the router turns to deny by default.

    "Blocked services" actually means "allowed services" in the context of an allow rule.

    Rules are processed in order, as such put your allow rules in at the top and your deny rules at the bottom.
     

Share This Page