
J-Drop Help

Discussion in 'Tomato Firmware' started by GeeTek, Feb 1, 2007.

  1. GeeTek

    GeeTek Guest

    I need to prevent lan machine 192.168.22.4 from accessing 216.178.32.xxx. I have a restrict rule using "myspace" in the http request box, but now 3 hours later I see 40 or 50 connections open to *.myspace.com in the range I mentioned above. Thanks !

    P.S. I'm also googling for some iptables tutorials for future use so I won't need to be such a pest. It seems like someone told me how to do this once before. Sorry !
     
  2. orangekay

    orangekay LI Guru Member

    What does the regex you put in look like?
     
  3. GeeTek

    GeeTek Guest

    I put only the plain word "myspace" without quotations or anything else. I got a "Page not found" when trying to open http://www.myspace.com, and assumed that it was a success. Remoting in later is when I saw numerous connections open, but am no longer on site to operate the computer. My own home router is also Tomato, so I guess I should try variations. I'm a believer in firewall scripts because they are so absolute, and was hoping to just shazzaam the whole IP block for that one computer.
     
  4. orangekay

    orangekay LI Guru Member

    Strange, I can't get it to block myspace.com, either. Seems like something's broken somewhere.
     
  5. der_Kief

    der_Kief Super Moderator Staff Member Member

    Maybe you should tell this Jon !?

    der_Kief
     
  6. digitalgeek

    digitalgeek Network Guru Member

    I have just done the following, and successfully blocked myspace.

    [​IMG]
     
  7. GeeTek

    GeeTek Guest

    I might have been crying wolf a bit early. Now that I have played with it on my own router, it blocks perfectly (settings exactly as digitalgeek's screenshot). When I first tried it (on mine), I did get myspace once. I added my MAC to the rule which was IP only at first, and from then on it worked (IP alone is working now). I started clearing my temp files between tests, but might have forgotten to on the first test. The jobsite is also still on ver. .9, and mine is still 102. I need to get back to the site and see first hand what is going on. I do not see connections open anymore, but it is possible that nobody is on the machine. Sorry for honking my horn so quickly ! OrangeKay, did yours start to work properly ? Try adding your MAC to the rule and clear your temp files.
     
  8. orangekay

    orangekay LI Guru Member

    Nope, I was trying to block it for all clients and it did absolutely nothing. I was able to block google and yahoo just fine using the exact same settings, but myspace keeps getting through (and it's definitely not pulling it from the local cache).
     
  9. larsrya8

    larsrya8 LI Guru Member

    Just for giggles I applied the same settings shown above and I couldn't access MySpace.com (I've never been to it, so it definitely wasn't from the cache). Maybe you need to reboot the router? Are you using Firefox? Sometimes its cache behavior messes things up.
     
  10. digitalgeek

    digitalgeek Network Guru Member

    With my test as posted above, I used Firefox. And I have been to Myspace. I was able to reload it from cache, but not able to use any links.

    I would double check your access restriction settings. When I first tested it, I had accidentally left the days and time as the default, but once I selected all day every day the site was blocked completely.

    (The only thing I was sure about is any aliases or alternate names that may be used.)
     
  11. GeeTek

    GeeTek Guest

    All is well here. Before upgrading to 104, I checked, and was not able to get to any myspace or their sub-pages. The connections I saw must have been residual entries from the earlier traffic. Thanks for the help.
     
  12. orangekay

    orangekay LI Guru Member

    My settings should be fine and differ only in blocking for all clients rather than one specific one. I've tried every possible permutation of regex in the "HTTP Request" box and none of them work for myspace. If I change that domain to google.com, then that works exactly as I would expect it to. I did my testing with curl so there's no chance it's pulling anything from a cache.

    I am not using the current version of Tomato, but since the release notes say nothing about this, I don't imagine anything's changed.

    [​IMG]
     
  13. larsrya8

    larsrya8 LI Guru Member

    I just inputted your settings and it blocked myspace.com (I couldn't even search for myspace.com in Google, and no pages that Google linked to would open). If you have tried rebooting the router and whatnot, the only other thing I can think of is to upgrade to the latest version (I'm only using 1.03.0943 though). For the record, I'm using Firefox 2.0.0.1, and I've also confirmed that this works with IE6. I'm assuming curl is something for linux?

    Edit: When you switched to Tomato, did you do a "Thorough Cleaning" of the NVRAM?
     
  14. GeeTek

    GeeTek Guest

    @ orangekay - Very strange that your blocking of google and yahoo do work, but not myspace. Not to be too obvious here, but did you check for a typo in your entry ? Maybe there is an invisible space before or after the word ? Did you try deleting the rule and starting with a new one ?
     
  15. orangekay

    orangekay LI Guru Member

    Checked for garbage characters in an external text editor and tried every possible regex I could think of, including but not limited to:

    myspace
    myspace.com
    .myspace.com
    \.myspace\.com
    myspace.com$
    .myspace.com$
    \.myspace\.com$

    NVRAM was wiped both before and after installation, and yes, curl is "something for Linux."

    I don't actually need to block anything so I don't particularly care if it works or not, just seems strange that it doesn't.
     
  16. digitalgeek

    digitalgeek Network Guru Member

    That's interesting, cause all I used was just the word "myspace" no .com or alternate variations. Myspace was blocked without even trying.

    Are you using any custom firewall scripts?
     
  17. GeeTek

    GeeTek Guest

    O.K., I said I was going to learn about IP Tables, and post back a refinement of the IP address block command. I found a great tutorial alright. It was near the top of a google search.

    http://iptables-tutorial.frozentux.net/iptables-tutorial.html

    It will be a cold day in hell before I find the time to get past page one. How do you *nix freaks ever get wrapped around this stuff ? And there's Jon, writing code in C++ using this technology. Absolutely mind boggling....
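
What the first post asks for, as an added example that is not part of the thread: a per-host DROP rule for the FORWARD chain, written for a router firewall script. The `/24` is an assumed reading of "216.178.32.xxx", and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: drop forwarded traffic from one LAN host to one address block.

# valid_ipv4 ADDR -> succeeds only for a dotted quad with octets 0-255
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into four fields
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# valid_cidr ADDR/LEN -> succeeds for a valid IPv4 address with prefix 0-32
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    prefix=${1##*/}
    case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#prefix}" -le 2 ] && [ "$prefix" -le 32 ] && valid_ipv4 "${1%/*}"
}

# block_rule SRC DST_CIDR -> prints the rule spec, fails on malformed input
block_rule() {
    valid_ipv4 "$1" && valid_cidr "$2" || return 1
    echo "FORWARD -s $1 -d $2 -j DROP"
}

# apply_block SRC DST_CIDR: remove any earlier copy, then insert at the top of
# FORWARD so the rule is evaluated before the chain's ACCEPT rules.
# DRY_RUN defaults to 1 (print only); set DRY_RUN=0 on the router to apply.
apply_block() {
    spec=$(block_rule "$1" "$2") || { echo "bad address: $1 $2" >&2; return 1; }
    if [ "${DRY_RUN:-1}" = 1 ]; then
        echo "iptables -D $spec"
        echo "iptables -I $spec"
    else
        iptables -D $spec 2>/dev/null || true   # no earlier copy on first run
        iptables -I $spec
    fi
}

# Addresses from the first post; the /24 is the assumed range.
apply_block 192.168.22.4 216.178.32.0/24
```

Connections opened before the rule was inserted stay listed in the router's connection table until their tracking entries time out, even though their packets are now dropped.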
     
  18. digitalgeek

    digitalgeek Network Guru Member

    I'm with you GeeTek... I can do a fair bit in C# and VB, but integrated devices... I'll let Jon and those guys screw around with that stuff... I can even give them money towards their efforts, but I'll let it be their efforts. :)

    Having said that I have clicked on your link and I will look into iptables myself to better understand how this thing does what it does.
     
  19. orangekay

    orangekay LI Guru Member

    Well the first several pages of that are just overviews of TCP and IP fundamentals so most people won't bother reading them either, and I'd say over 95% of Tomato is written in straight C rather than C++. What little C++ there is seems to pertain to the squashfs filesystem which would all be borrowed code.
     
