1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

thibor 15c on wrt54gl - redirecting dns w/ custom hosts?

Discussion in 'HyperWRT Firmware' started by tastyratz, Dec 12, 2006.

  1. tastyratz

    tastyratz LI Guru Member

    So I have a fresh WRT54GL flashed with thibor 15c. Love thibor firmware, been using it on other wrts with success and it couldnt be better. I have a linksys pap2 2.0 from vonage to be plugged in that will be used with another voip service.

    The vonage adaptor has an address in the firmware it visits to update and revert to vonage firmware. Unlocking the device corrects that but goofing with it can accidentally revert it. If it updates im screwed. I want to know if I can input in some sort of hosts file a custom dns entry so that when that IP tries to visit a specific website it redirects to an internal address within the router never leaving it. I cant really find any specific settings browsing the thibor pages -
    perhaps telnetting might allow editing of that? does anyone who knows how to do so want to help guide me on that? I already tried searching but got no luck.
    Thanks!
     
  2. ifican

    ifican Network Guru Member

    I believe vonage uses an ftp site for their firmware downloads, im sure if you look up how to write an iptable entry to block a specific ip and port, you should beable to do so on the command line of thibor15c.
     
  3. tastyratz

    tastyratz LI Guru Member

    hey thanks for the reply.
    Ive actually spent the majority of my day at work surfing and trying to find info on doing that. All the stuff ive found on iptables seems to spin my head, I am completely unfamiliar with linux and found no real references in layments terms. I tried adding it to the access restrictions page under website blocking by url but it didnt work as I can still ping and send traffic to ls.tftp.vonage.net
    I tried telnetting in as someone else suggested making a custom entry in the hosts file but I seem to get access is denied on most of the stuff I try to get into from telnet :-(

    any more feedback on that?
     
  4. HennieM

    HennieM Network Guru Member

    Thibor lets you do a startup script (under the Administration tab).
    Not sure if my assumptions regarding the eth+ interfaces, etc. are correct, but try adding a line like this to the startup script:

    iptables -t nat -A PREROUTING -p tcp -i eth+ -d vonage.ftp.site --dport ftp -j DNAT --to 192.168.1.1

    If different, change "192.168.1.1" to your router's IP address, or any non-existent IP address on your local network.

    Also, change "vonage.ftp.site" to the real site that your vonage adapter/router gets its updates from.

    The iptables line tells your router to intercept any tcp traffic (-p tcp), incoming through an ethernet port (-i eth+), destined for the vonage site (-d vonage.ftp.site), and destined for the FTP port on the vonage site (--dport ftp), and to send this traffic not to vonage, but to your router or some other host (-j DNAT --to 192.168.1.1).

    Note that the above line assumes your vonage adapter is connected by ethernet (UTP) cable to the WRT, and only redirects traffic that comes in by cable (-i eth+), but from ANY device connected to the WRT by cable/wire.

    Once you rebooted the router, telnet into it, and then run

    iptables -t nat -L

    which list all your iptables entries in NAT. You chould see an entry under the PREROUTING Chain, starting with

    DNAT tcp ......

    Google for "iptables tutorial" or "iptables examples" if you need to learn more.

    [Edit]
    Perhaps rather add the iptables line to the "firewall script".
     
  5. mstombs

    mstombs Network Guru Member

    I can get a bit further with telnet - at the

    /tmp #

    prompt

    type
    ls
    to show the contents of the directory. There should be a hosts file.

    To write one line to the hosts file a simple way is

    echo "0.0.0.0 test.tmp" >hosts

    to check what is in hosts type

    cat hosts

    BUT I don't know how to force dnsmasq to read and use this hosts file!
     
  6. tastyratz

    tastyratz LI Guru Member

    thanks mstombs! thats more close to what I was looking for. Enters in great, but your right it doesnt call it. Ill have to do some more googling. I managed to do it but it always starts me out in /tmp, so when I reboot its all gone. Is there a way to go right to hosts... *not* via tmp.
     
  7. MP3Stang

    MP3Stang Network Guru Member

    Could you use the "Access Restrictions" to block vonage. Enter the MAC of the PAP2 and select TFTP, FTP, HTTP, HTTPS under "Blocked Services". For added protection you can add vonage.net to "Website Blocking by URL Address" and vonage to "Website Blocking by Keyword".
     
  8. tastyratz

    tastyratz LI Guru Member

    mp3stang: Yea I tried that already, doesnt seem to work. Ive been trying adding these things to the access restrictions tab for my own pc, then try to ping the site to test. No matter what I do or block I still have the ability to ping the website regardless (short of blocking the ping function but thats moot for what I need). I would have thought blocking would have been easier to pull off, but I'm still unable to successfully block that :-(
     
  9. MP3Stang

    MP3Stang Network Guru Member

    Using ping to test if the PC is able to reach Vonage, does not fit into any of those filters. NOTE: the Filters Names are called "Website Blocking by URL Address" and "Website Blocking by Keyword", by definition I would believe that since it says website it should be on port 80 and/or 433? (HTTPS) where as ping is not that port. With the filters in place try opening vonage's website, this will test the website filters. Then to test the TFTP blocking from your PC try "tftp -i ls.tftp.Vonage.net get spaMY_MAC.xml c:\spaMY_MAC.xml†replace MY_MAC with the MAC of your PAP2. If the file is transfer is unsuccessfully then the filters do work, since this is what vonage will do to try to relock your PAP2.
     

Share This Page