blocking destination addresses

Discussion in 'HyperWRT Firmware' started by Green, Dec 31, 2004.

  1. Green

    Green Network Guru Member

    Hello all
    is it possible to block some destination addresses (not URLs!) or address ranges like we're blocking destination ports ("blocked services") now?

    Thanks & Happy New Year!
  2. fabjan

    fabjan Network Guru Member


    You can telnet to your WRT54G and type the following command :
    iptables -I FORWARD -d x.x.x.x -j DROP
    where x.x.x.x is the destination address you want to block.
    You can block more than one address with many iptables command ex:
    iptables -I FORWARD -d x.x.x.x -j DROP
    iptables -I FORWARD -d y.y.y.y -j DROP
    iptables -I FORWARD -d z.z.z.z -j DROP
    You can also block a range within a mask ex:
    iptables -I FORWARD -d x.x.x.x/24 -j DROP
    will block from x.x.x.0 to x.x.x.255
    You can put these commands in the firewall scripts to avoid the lose of these modification if the WRT54G reboot.

  3. Green

    Green Network Guru Member

    thanks a lot - it works!
    Now I can block complete /24 network without specifying list of individual ports or services.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice