
D-Link firewall trouble

June 20, 2010 8:44:23 AM

I have a D-Link 524, firmware 3.02, whose firewall I am trying to use to ban individual IP addresses.

I host servers for PC games, and have hackers I would like to ban. Already have an IP logger. Can't find any guides to do what I need to do. I also host on ports 2302-2320.

Firewall interface looks like this: http://www.andras.net/router_aw/di-524-firewall.png

P.S. - not my rules, just used this picture from internet.


June 21, 2010 12:22:34 AM

Ozzy4pres said:
I have a D-Link 524, firmware 3.02, whose firewall I am trying to use to ban individual IP addresses.

I host servers for PC games, and have hackers I would like to ban. Already have an IP logger. Can't find any guides to do what I need to do. I also host on ports 2302-2320.

Firewall interface looks like this: http://www.andras.net/router_aw/di-524-firewall.png

P.S. - not my rules, just used this picture from internet.


Forget the firewall. Use MAC filtering. "Allow" only those machines on the MAC list.
Go here to enter your revision number and get the manual to the router:

http://www.dlink.com/products/default.aspx?pid=DI-524&t...

If you can't get MAC numbers, add a third party software firewall that allows a list.
June 21, 2010 7:37:05 AM

Ty, but the last thing I want to do is install a firewall on my computer, and I have already taken a look @ that manual. Is there software that you recommend to convert IPs to MAC?
June 22, 2010 6:18:51 AM

Ozzy4pres said:
Ty, but the last thing I want to do is install a firewall on my computer, and I have already taken a look @ that manual. Is there software that you recommend to convert IPs to MAC?



I don't recommend software until I have used it myself, but here is something you may be interested in...

http://cc-get-mac-address.software.informer.com/
June 24, 2010 5:54:39 AM

I'd ditch the D-Link, switch to iptables, and script something that adds the IPs automatically using fail2ban or something along those lines. That D-Link is really old at this point... (I have one, don't use it) and well... it's time to do something different if you're trying to be effective.

Also, trying to block based on MAC address won't work for external addresses, as the source MAC would always be your gateway / modem / router / whatever is upstream. Using a host-based firewall is probably a better option... but still not a huge fan of most of them.
June 24, 2010 9:27:24 PM

Something to think about: banning by IP will not solve your problem. IP addresses can easily be spoofed, plus 90% of them are probably dynamic from the ISP, so in time they will change anyways...

If you can ban by username or SN that might be better (depends on the game).

What games are you hosting?
June 24, 2010 11:48:39 PM

tkrl26 said:
IP addresses can easily be spoofed


Not really... you can obscure them through a proxy, but banning that proxy still accomplishes banning the user until they find a different proxy. True that they can get new IPs when they reconnect with their ISP, but that requires action on their part. Realistically, if you can automate it and ban IPs for an hour at a time, then that's probably about as good as you can accomplish.

Also, why you can't "spoof" IPs easily for gaming... reason is simple... that if you want to game with that IP (even cheating) you still have to have a way to get the return packet back to you, and a spoofed packet won't route back to you. Hence why you typically see spoofed packets in connectionless attacks like SYN floods and all, but it's impossible to "spoof" the IP in the packet if you need to be able to complete the 3-way handshake on a TCP connection. And yes, I know most games like to use UDP, which is connectionless; however, the UDP traffic still has to route back to you for the 2-way communication.
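The automated one-hour ban suggested in the replies above, as an added example that is not from any poster in the thread: it turns an IP logger's output into iptables rules for the game ports 2302-2320 and lets bans lapse after an hour. The log line format, the `GAMEBAN` chain name and the choice of UDP are assumptions.

```python
import ipaddress
from datetime import datetime, timedelta

BAN_SECONDS = 3600      # ban for an hour at a time, as suggested in the thread
PORTS = "2302:2320"     # game server ports from the original post
CHAIN = "GAMEBAN"       # hypothetical chain; create it once with:
                        #   iptables -N GAMEBAN && iptables -I INPUT -j GAMEBAN
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample log; "<ISO timestamp> <ip> <reason>" is an assumed format.
SAMPLE_LOG = """\
2010-06-24T20:05:00 203.0.113.7 cheat-detected
2010-06-24T21:10:00 198.51.100.23 cheat-detected
2010-06-24T21:20:00 192.168.0.10 cheat-detected
2010-06-24T21:25:00 203.0.113.999 cheat-detected
2010-06-24T21:30:00 203.0.113.7 cheat-detected
"""

def active_bans(log_text, now, ban_seconds=BAN_SECONDS):
    """Return {ip: expiry} for offenders whose ban has not yet run out."""
    bans = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue
        try:
            seen = datetime.fromisoformat(parts[0])
            ip = ipaddress.IPv4Address(parts[1])   # iptables handles IPv4 only
        except ValueError:
            continue    # malformed entry: never let it reach a command line
        if any(ip in net for net in LOCAL_NETS):
            continue    # do not lock out the LAN or the server itself
        expiry = seen + timedelta(seconds=ban_seconds)
        if expiry > now:
            key = str(ip)
            bans[key] = max(expiry, bans.get(key, expiry))
    return bans

def iptables_commands(bans):
    """Flush the ban chain, then re-add one DROP rule per still-banned address."""
    rules = [f"iptables -A {CHAIN} -s {ip} -p udp --dport {PORTS} -j DROP"
             for ip in sorted(bans)]
    return [f"iptables -F {CHAIN}"] + rules

if __name__ == "__main__":
    for cmd in iptables_commands(active_bans(SAMPLE_LOG, datetime(2010, 6, 24, 21, 45))):
        print(cmd)
```

Because each run flushes and rebuilds the chain, running it on a schedule is what makes old bans expire.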