Linksys WRT54GL Tomato Firmware 1.28 iptables tutorial?

Discussion in 'Tomato Firmware' started by wickedTMNT, Dec 8, 2010.

  1. wickedTMNT

    wickedTMNT Networkin' Nut Member

    My name is wicked. I finally got around to building a new lintel quad core PC,
    and so now my Intel duo core is just lying around doing nothing, so I decided to make it a file server. It's just for the house.

    It was doing fine until it came down with some malware, but I learned it could have been avoided if I had blocked all outgoing TCP and UDP connections. The virus connected to an outside source before downloading some really bad stuff to the computer and crashed it!

    It's reformatted and fine now.

    So I spent 3 days looking for stateful firewalls and things I could do. Then I came across some useful information on another site for people with a Linksys WRT54GL router flashed with Tomato Firmware 1.28.

    I learned you could use iptables to do exactly what I need. I'd like to block all outgoing connections.

    I tried this, however, and it didn't work. I looked around and tried it and rebooted it, but it didn't work at all.

    So I was wondering if there's a tutorial out there somewhere for Tomato so I can get this up and running.

    I'd like to block outgoing connections and allow only incoming connections I specify on my network, in or on the outside, with some kind of rule?

    I learned about iptables from this site, but none of the commands work in Tomato under Administration/Scripts/Firewall.

    thanks for taking the time to help me with this problem :)


    I'd also be willing to give stateful firewalls a shot, but the ones I tried failed,
    so I believe iptables may be the best course of action.

    Here's a list of stateful firewalls I tried so far:

    * NT Kernel Resources: NeT Firewall 3.0.23 (I have Windows ICS enabled for another PC; it failed to control anything on the other PC)

    * Agnitum Outpost Pro 7 (crashed on startup; the only way to get the computer to start was to reboot in safe mode and remove it; the program claims Norton and AVG interfere with it)

    * Kerio WinRoute Firewall 6.7.1 (I had no internet at all, and right on install it claimed it wasn't compatible with Windows ICS)
  2. michse

    michse Addicted to LI Member

    Hi, it definitely works, but you have to do some things :)

    iptables -I FORWARD -s [IP from your server] -j DROP

    Save and reboot.

    Insert this in Administration/Scripts/Firewall. Then go to Administration/Debugging/Download iptables dump and copy this to the forum.
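
A stateful variant of the FORWARD rule discussed in this thread, added here as an example and not posted by either participant: it drops new connections the file server opens toward the WAN while still letting it answer inbound connections such as port forwards. The address 192.168.1.50 and the helper names `valid_ipv4` and `egress_rules` are constructed placeholders, and it assumes the router's iptables build includes the `state` match.

```shell
#!/bin/sh
# Added example, not from the thread. SERVER_IP is a constructed placeholder
# for the file server's LAN address; replace it with the real one.
SERVER_IP="${SERVER_IP:-192.168.1.50}"

# Return 0 only for a dotted-quad IPv4 address with each octet 0-255.
# Anything else (spaces, shell metacharacters, hostnames) is rejected so the
# value can be placed safely into a rule line.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    return 0
}

# Print the firewall-script lines for one LAN host.
# -I inserts at the top of FORWARD, so the DROP is emitted first and the
# ACCEPT emitted second ends up above it in the chain.
# FORWARD only sees routed (LAN <-> WAN) traffic; the server's traffic to the
# router itself goes through INPUT and is not touched by these rules.
egress_rules() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 1; }
    # Lower rule: anything else from the server toward the WAN is dropped,
    # which includes every NEW outbound connection attempt.
    echo "iptables -I FORWARD -s $1 -j DROP"
    # Upper rule: packets belonging to connections that already exist
    # (replies to an inbound port forward, for example) are still allowed.
    echo "iptables -I FORWARD -s $1 -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Dry run by default: only print the rules. Set APPLY=1 on the router itself
# to execute them.
if [ "${APPLY:-0}" = "1" ]; then
    egress_rules "$SERVER_IP" | sh
else
    egress_rules "$SERVER_IP"
fi
```

The two printed lines can be pasted into the firewall script box as they are; afterwards `iptables -L FORWARD -n -v --line-numbers` should list the ACCEPT rule above the DROP rule, with the DROP packet counter rising whenever the server tries to open a new outbound connection.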

