Access and Restrictions

Discussion in 'Tomato Firmware' started by w11x22, Jan 12, 2014.

  1. w11x22

    w11x22 Networkin' Nut Member

    Hi all
    I am running "Tomato Firmware v1.28.9013 MIPSR2-RAF K26 USB VLAN-VPN-NOCAT" on a RTN66U and been using Access and Restriction since day one without any problem as I have bloced certain Web Sites as well as Piratebay etc... but noticed the other day that this has stopped working. I have re created a new one but its just does not work. Rebooted the Router as well but with no luck. I have blocked the restrictions "All Day" "Everyday" to all the computers but for some reason it is not working... Any idea from anyone....
    It worked for over 8/9 months without any problem on the same FW....
    Thanks in advance,......
  2. koitsu

    koitsu Network Guru Member

    There's absolutely nothing in your post that provides any kind of troubleshooting information that people can go off of. All it amounts to is: "this feature I use no longer is doing what it used to". :)

    You're going to have to provide a full screenshot of your Access and Restriction entry for people to help you. Please do not omit or cross out any data in there; we need to see it all.

    The most likely explanation, by the way, is that you've blocked things by a FQDN or by a domain name, and that some of those have changed. For example, for TPB, I know they keep changing between different TLDs/domains for all sorts of reasons that I do not want to get into. So in effect any time someone on the Internet changes something about their website, how it works, etc. you have to reverse-engineer it and update your Access and Restrictions rules as appropriate. It's a cat-and-mouse game where the work falls onto you every time.
  3. mstombs

    mstombs Network Guru Member

    Also consider that normal text router access restrictions don't work on https connections.
  4. w11x22

    w11x22 Networkin' Nut Member

    OK... Koitsu here is the Screen shot....Well, I understand about the Piratebay etc but if you look in the screen shot it used to block even words but none of them working....

    Attached Files:

  5. koitsu

    koitsu Network Guru Member

    It should be easy to determine if those are working or not, even if visiting a site which doesn't have such content. The router will block the request even before it sends it out the WAN, so you could literally try to visit something like to test it. Normally that URL would return 404, but with an Access Restriction you should get a very different looking page (if I remember right, maroon background with some text) which the router itself returns.

    I can already see problems with some of the entries you have, particularly for TPB. ^piratebay is only going to block things like http://piratebay or, it's not going to block or

    You have some redundant entries in there too (ex. torrent (just the word) is enough to block anything with the word in it, you don't need to have .torrent and .torrent$ and torrent$ -- those are just superfluous).

    I will happily admit that the Access Restrictions stuff -- specifically HTTP Request -- needs to be documented better. I actually understand how its designed/works and what it keys off of, at a technical level, but it requires users to actually get familiar with how HTTP works.

    And as @mstombs said -- none of that blocking will work for HTTPS URLs. It's only for HTTP.
    HitheLightz likes this.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice