• August 24, 2019, 06:40:12 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: 1 [2]

Author Topic: Inbound Filters?  (Read 6710 times)

GewGaw

  • Level 1 Member
  • *
  • Posts: 15
Re: Inbound Filters?
« Reply #15 on: January 12, 2015, 12:04:55 PM »

I just got a confirmation phone call that they have been able to reproduce the problem and are reviewing it.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 47712
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Inbound Filters?
« Reply #16 on: January 12, 2015, 12:16:35 PM »

Awesome, I presume next FW release should have something:
http://forums.dlink.com/index.php?topic=59562.0
Logged
Cable:200mb/10Mb>NetGear C7800>DIR-882>DGS-1100>HP 24pt Gb Switch. COVR-3902/2202/1203,DIR-2680,890L,882,880L,868L,DNR-202L,DNS-345x2,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

GewGaw

  • Level 1 Member
  • *
  • Posts: 15
Re: Inbound Filters?
« Reply #17 on: February 13, 2015, 08:09:36 AM »

They just sent me a beta firmware which addresses the security/flaw in the firewall rules. I am running tests on all of our new DIR-880L's and will inform them of the results. I suspect it will be rolled up into a public beta shortly.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 47712
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Inbound Filters?
« Reply #18 on: February 17, 2015, 07:50:58 AM »

Please let us know how the beta works.

Thank you.

They just sent me a beta firmware which addresses the security/flaw in the firewall rules. I am running tests on all of our new DIR-880L's and will inform them of the results. I suspect it will be rolled up into a public beta shortly.
Logged
Cable:200mb/10Mb>NetGear C7800>DIR-882>DGS-1100>HP 24pt Gb Switch. COVR-3902/2202/1203,DIR-2680,890L,882,880L,868L,DNR-202L,DNS-345x2,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

GewGaw

  • Level 1 Member
  • *
  • Posts: 15
Re: Inbound Filters?
« Reply #19 on: February 19, 2015, 07:35:12 AM »

The new firmware seems to have addressed the issue. Had a few hiccups but just may be a fluke. Will continue to run it for a while and try to make sure it is working as intended.

The firewall rule set i used is something like this:
-Port forwards and virtual server rules as you would normally do
-Create the following IPv4 rule set:
-Allow all LAN subnets out 192.168.0.1-192.168.0.254 on all ports 1-65535 UDP and TCP to all WAN IPs 1.1.1.1-254.254.254.254 (this will allow traffic to flow out when the firewall is enabled)
-Allow specific WAN IP (such as 8.8.8.8) in on desired port (such as 80 TCP) to specific internal IP (such as 192.168.0.10). To simplify things I did a rule for my "trusted" source IPs as a blanket one so for example 8.8.8.8 WAN can access all my internal IPs 192.168.0.1-192.168.0.254 on all ports 1-65535 UDP and TCP this allows that IP to access any virtual server or port forward I have put in place
-Ensure to create rules for any "wide open" services you are running such as VPNs, websites, ftp, torrent, etc. This can be done by creating a rule such as: allow WAN IP 1.1.1.1-254.254.254.254 to LAN IP specific 192.168.0.10 and the desired port UDP 1194 (this must match your virtual server or port forwarding rules.
-Once saved then enable the firewall rule set to "BLOCK all but listed"

Sorry for the condensed and somewhat unclear example, but I wanted to provide something in case people want to secure their port forwards a little more, ONCE the firmware is released.

GewGaw
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 47712
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Inbound Filters? (RESOLVED)
« Reply #20 on: February 19, 2015, 08:03:16 AM »

Thanks for posting your results and information. Hope this helps users. I would recommend letting D-Link know of your results and ask them to please include there fixes in future releases.

Enjoy.  ;)
Logged
Cable:200mb/10Mb>NetGear C7800>DIR-882>DGS-1100>HP 24pt Gb Switch. COVR-3902/2202/1203,DIR-2680,890L,882,880L,868L,DNR-202L,DNS-345x2,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting
Pages: 1 [2]