[TriLUG] Anybody using DD-WRT?
Chander Ganesan
chander.ganesan at gmail.com
Fri Aug 1 08:47:39 EDT 2008
Brian Daniels wrote:
> I put DD-WRT mega Release 7/27/08 on a WRT54GS yesterday to try it out. I'm
> pretty impressed with the interface, but I found something disturbing.
>
> I was interested in the setup of their firewall rules, so I ssh'd in and:
>
> root at DD-WRT:~# iptables -L -n
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> ACCEPT 0 -- 194.231.229.20 0.0.0.0/0
> ACCEPT 0 -- 212.65.2.116 0.0.0.0/0
> ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED
> DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:520
>
>
> Um, hello? Why are there two 'accept all' rules from sites in Germany?
>
> Anyone else have DD-WRT mega installed that they can check?
>
I run OpenVPN on DD-WRT standard and I can confirm that standard doesn't
have this issue. I *hate* the config process for OpenVPN via the GUI,
since it doesn't easily allow for default TLS authentication, which
helps to prevent DOS, so I typically don't install the *vpn builds ...
Much easier to just install openvpn in JFFS and then put a standard
client config file in there...
chander
More information about the TriLUG
mailing list