Comments on: OpenWRT Advanced Firewall http://garycourt.com/blog/post/openwrt-advanced-firewall/ Tue, 06 Jan 2009 11:09:34 +0000 http://wordpress.org/?v=1.5.2 Comment on OpenWRT Advanced Firewall by: dani http://garycourt.com/blog/post/openwrt-advanced-firewall/#comment-53910 Wed, 03 Dec 2008 18:50:24 +0000 http://garycourt.com/blog/post/openwrt-advanced-firewall/#comment-53910 Hi, i just used your picture on my webpage where I wrote a small howto explaining how to isolate a port on linksys wrt54gs with dd-wrt: http://wiki.eslimasec.com/esliwiki/IsolatingLinksysPortsPost thanks in advance and I hope I can help someone Hi, i just used your picture on my webpage where I wrote a small howto explaining how to isolate a port on linksys wrt54gs with dd-wrt: http://wiki.eslimasec.com/esliwiki/IsolatingLinksysPortsPost

thanks in advance and I hope I can help someone

]]> Comment on OpenWRT Advanced Firewall by: ibague http://garycourt.com/blog/post/openwrt-advanced-firewall/#comment-41747 Sun, 20 Apr 2008 23:39:35 +0000 http://garycourt.com/blog/post/openwrt-advanced-firewall/#comment-41747 Well, The best firewall i have found in my experience with linux is APF, very simple configuration and work great! Is there a distribution for openwrt???? i googled a lot some minutes ago without answer Well, The best firewall i have found in my experience with linux is APF, very simple configuration and work great! Is there a distribution for openwrt???? i googled a lot some minutes ago without answer

]]> Comment on OpenWRT Advanced Firewall by: Gary Court http://garycourt.com/blog/post/openwrt-advanced-firewall/#comment-2132 Thu, 31 Aug 2006 00:39:26 +0000 http://garycourt.com/blog/post/openwrt-advanced-firewall/#comment-2132 Yea, looks like I forgot to comment on that. I commented out, in <code>S50dnsmasq</code>, the line... args="-l /tmp/dhcp.leases -K -F $(int2ip $start),$(int2ip $end),$(int2ip $netmask),12h ${wanif:+-I ${wanif} }" ...which essentially removes the overriding configuration options that you then define in <code>dnsmasq.conf</code>. You do need to have <code>S50dnsmasq</code> in there in order to start the <code>dnsmasq</code> service. Yea, looks like I forgot to comment on that. I commented out, in S50dnsmasq, the line…

args=”-l /tmp/dhcp.leases -K -F $(int2ip $start),$(int2ip $end),$(int2ip $netmask),12h ${wanif:+-I ${wanif} }”

…which essentially removes the overriding configuration options that you then define in dnsmasq.conf.

You do need to have S50dnsmasq in there in order to start the dnsmasq service.

]]> Comment on OpenWRT Advanced Firewall by: duaux http://garycourt.com/blog/post/openwrt-advanced-firewall/#comment-2125 Tue, 29 Aug 2006 19:35:57 +0000 http://garycourt.com/blog/post/openwrt-advanced-firewall/#comment-2125 Gary, Thank you for this detailed walkthrough! It was exactly what I was looking for. However, after i followed through step by step, I ran into a small problem. After I rebooted the router, my DNS request stoped working. ie. I get an IP but cannot goto www.google.com, but can go by http://72.40.xx.xx I suspect it has to do with: /etc/dnsmasq.conf vs. /etc/init.d/S50dnsmasq I stopped using S50dnsmasq and used /etc/dnsmasq.conf only. Comments in the S50dnsmasq said if I am using /etc/dnsmasq.conf I can get rid of S50dnsmasq. Thats what I did... :( Anycomments appreciated. Thank you. Gary,

Thank you for this detailed walkthrough! It was exactly what I was looking for. However, after i followed through step by step, I ran into a small problem.

After I rebooted the router, my DNS request stoped working.

ie. I get an IP but cannot goto www.google.com, but can go by http://72.40.xx.xx

I suspect it has to do with:

/etc/dnsmasq.conf vs. /etc/init.d/S50dnsmasq

I stopped using S50dnsmasq and used /etc/dnsmasq.conf only.

Comments in the S50dnsmasq said if I am using /etc/dnsmasq.conf I can get rid of S50dnsmasq.

Thats what I did… :(

Anycomments appreciated.

Thank you.

]]>