OpenWrt Forum Archive

Topic: Luci Adding Iptables for DNSmasq OpenWrt12.09

The content of this topic has been archived on 29 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi,

Sorry if this sounds stupid, but iptables is not my strength.

I want to close WAN Output to Drop.

Then wish to open up only the traffic I want. Firstly that would be DNS.

I found this broad sweeping rule and put it in the custom section as a test, but it inserts AFTER the drop rule so nothing:
iptables -A INPUT -p udp --sport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --sport 1024 -j ACCEPT
iptables -A INPUT -p udp --dport 1024 -j ACCEPT
iptables -A OUTPUT -p udp --sport 53 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT

I have tried opening via LuCI but only seem to end up with an Input and a Forward rule (no way of getting an output rule).

If someone could advise a suitable rule and even better how to put that in via LuCI making the rules in the main display tables.

Thanks

JB

(Last edited by jamesarbrown on 9 Jul 2013, 18:49)

Sorry, I hate to bump, but have been away to try and resolve with no luck.

Maybe if I re-phrase?

How can you add an iptables "Output" rule via LuCI?

The discussion might have continued from here.
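
An added example, not part of the original posts: the rules quoted in the first post use -A, which appends behind the existing drop, and they accept any UDP packet that merely carries source port 53. This sketch for the custom rules section builds a dedicated chain limited to destination port 53 toward named resolvers and places a single jump at position 1 of OUTPUT with -I. The interface name eth0.2, the resolver addresses (documentation ranges) and the chain name dns_out are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: WAN_IF, the resolver
# addresses (documentation ranges) and the chain name are placeholders.
WAN_IF="${WAN_IF:-eth0.2}"
RESOLVERS="${RESOLVERS:-192.0.2.53 198.51.100.53}"
CHAIN="dns_out"

# Print the iptables commands in the order they must run.
dns_egress_rules() {
    echo "iptables -N $CHAIN"
    for r in $RESOLVERS; do
        for proto in udp tcp; do
            # Inside our own chain -A is fine: nothing else lives here.
            echo "iptables -A $CHAIN -p $proto -d $r --dport 53 -j ACCEPT"
        done
    done
    # -I OUTPUT 1 places the jump at the head of OUTPUT, ahead of the drop;
    # -A would land behind it, which is the failure described in the post.
    echo "iptables -I OUTPUT 1 -o $WAN_IF -j $CHAIN"
}

# Read `iptables -S OUTPUT` on stdin; succeed only if the first rule in
# OUTPUT is the jump into our chain.
jump_is_first() {
    awk -v want="-A OUTPUT -o $WAN_IF -j $CHAIN" '
        /^-A OUTPUT / { found = ($0 == want); exit }
        END { exit !found }'
}

# Dry run by default; APPLY=1 executes the commands (needs root), then
# verifies the resulting order.
if [ "${APPLY:-0}" = 1 ]; then
    dns_egress_rules | sh
    iptables -S OUTPUT | jump_is_first || echo "jump is not first in OUTPUT" >&2
else
    dns_egress_rules
fi
```

Packets that match nothing in dns_out return to OUTPUT and still reach the drop, so only DNS to the listed resolvers leaves the WAN interface.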