I am using a Netgear router flashed with DD-WRT firmware running a constant VPN connection. I do not use any VLANs or any other firewall rules.
To help protect my IP address, I applied the following firewall rules, but they do not seem to be blocking traffic when the VPN connection drops out.
iptables -I FORWARD -i br0 -o tun1 -j ACCEPT
iptables -I FORWARD -i tun1 -o br0 -j ACCEPT
iptables -I INPUT -i tun1 -j REJECT
iptables -t nat -A POSTROUTING -o tun1 -j MASQUERADE
Any ideas what could be wrong?
What Netgear router, and what DD-WRT revision? – JohnnyVegas – 2017-10-22T10:30:24.683
Router is Netgear R8000. Firmware: DD-WRT v3.0-r33435M kongac (10/08/17) – Kwang Lim – 2017-10-22T10:41:08.283
I have had a few issues with their firewall on occasion - I used LEDE on my R8000 instead. https://lede-project.org/toh/hwdata/netgear/netgear_r8000
I much prefer the LEDE firewall GUI too.
Which interfaces are inside your bridge? You should block traffic going through them directly, something like – maxxvw – 2017-10-24T20:57:48.153