SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Wireless Networking > ASUS Wireless > Asuswrt-Merlin

Reply
 
Thread Tools Search this Thread Display Modes
  #41  
Old 03-09-2013, 09:49 PM
RMerlin's Avatar
RMerlin RMerlin is offline
Very Senior Member
 
Join Date: Apr 2012
Location: Canada
Posts: 9,544
Thanks: 47
Thanked 5,085 Times in 2,155 Posts
RMerlin is just starting out
Default

First thing: INPUT and OUTPUT tables are for traffic coming to and from the router. In this case, you want to control traffic that passes through the router. So, the correct table to manipulate is the FORWARD table.

Therefore:

Code:
iptables -I FORWARD -d ad-g.doubleclick.net -j REJECT
is what you want if your goal is to prevent connecting to these servers.

This isn't a very efficient or reliable way to implement ad blocking however. The more rules you add, the highest impact it will have on your network, since every packet must be checked against every rule in the table. This is where ipset will provide a far more efficient method of implementing blacklisting.

Writing a script that would download a blocklist and generate a proper ipset list would be the ideal. Unfortunately, many blocklists seem to ship in a p2p format, and they require you to pay to get these lists in a more compatible format (cidr format, for example)...
__________________
Asuswrt-Merlin: Customized firmware for Asus routers
Github: github.com/RMerl - Twitter: RMerlinDev
See the sticky post for more info.

Last edited by RMerlin; 03-09-2013 at 09:52 PM.
Reply With Quote
  #42  
Old 03-09-2013, 10:41 PM
AnthonyArmato AnthonyArmato is offline
Very Senior Member
 
Join Date: Apr 2012
Posts: 247
Thanks: 0
Thanked 8 Times in 8 Posts
AnthonyArmato is just starting out
Default

Thanks. That does work.

How would the blocklist need to be written ? If I had a list of domains could I create one myself ?
Reply With Quote
  #43  
Old 03-09-2013, 11:02 PM
RMerlin's Avatar
RMerlin RMerlin is offline
Very Senior Member
 
Join Date: Apr 2012
Location: Canada
Posts: 9,544
Thanks: 47
Thanked 5,085 Times in 2,155 Posts
RMerlin is just starting out
Default

Quote:
Originally Posted by AnthonyArmato View Post
Thanks. That does work.

How would the blocklist need to be written ? If I had a list of domains could I create one myself ?
IP ranges have to be in a CIDR format to be easily pluggable into an ipset list. For example, to block 192.168.1.1 through 192.168.1.254, it would have to be entered as 192.168.1.0/24.
__________________
Asuswrt-Merlin: Customized firmware for Asus routers
Github: github.com/RMerl - Twitter: RMerlinDev
See the sticky post for more info.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 10:38 AM.


Top 10 Stats
Top Posters* Top Thanked
RMerlin  341
sm00thpapa  232
stevech  185
azazel1024  155
KGB7  138
htismaqe  85
jim769  83
philmiami  74
AcostaJA  69
ColinTaylor  59
RMerlin  5084
stevech  315
ryzhov_al  249
TeHashX  209
RogerSC  187
L&LD  186
joegreat  123
jlake  122
sinshiva  111
sfx2000  111
Most Viewed Threads* Hottest Threads*
Old ASUS RT-N66U...  23838
Old NETGEAR...  13003
Old Switched...  7470
Old 3.0.0.4.376.1...  6748
Old NEW RT-AC68R...  6580
Old ASUS...  5983
Old ASUS RTAC68U...  3502
Old Netgear...  3298
Old ASUS...  3088
Old N66U daily...  2847
Old ASUS RT-N66U...  169
Old NETGEAR...  161
Old Switched...  65
Old ASUS...  56
Old NEW RT-AC68R...  56
Old N66U daily...  47
Old Netgear...  41
Old Which router...  41
Old ASUS RTAC68U...  41
Old ASUS...  38


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.