0

I'm a recent convert from ddwrt to openwrt. On ddwrt, I could use the lines below to block the amz address for my firetv. I tried doing this on openwrt, but I can still access the address.

insmod xt_mac 
insmod ipt_mac
iptables -I FORWARD 1 -p tcp --dport 443 -m mac --mac-source C0:33:5E:0F:6A:D3 -d amzdigital-a.akamaihd.net -j logdrop

^^works on ddwrt, it is not as consistent as the ip version below. (which works ALL the time.)

iptables -I FORWARD 1 -p tcp --dport 443 -s 192.168.1.131 -d amzdigital-a.akamaihd.net -j logdrop

I'm pretty sure it is possible to filter specific addresses or domains by mac, and I'm just missing something. Can someone offer some assistance?

Improve this question

1 Answer 1

Reset to default
0

Are you sure there is a LOGDROP policy on OpenWRT? Try: 

iptables -N LOGDROP
iptables -A LOGDROP -j LOG --log-prefix "DROP: "
iptables -A LOGDROP -j DROP
Improve this answer
1
  • I tried using Gargoyle and everything was actually working. Then I tried to save the iptables to the firewall.sh file and got a "out of space" error. lol. so...Now I'm back on ddwrt using a dns masq, then using ip tables to filter by mac address.
    – snapplex
    Commented Aug 14, 2016 at 15:12

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .