D-Link Forums

The Graveyard - Products No Longer Supported => Routers / COVR => DIR-655 => Topic started by: dogwalker on June 28, 2010, 07:25:50 PM

Title: I could really use help on Inbound Filters
Post by: dogwalker on June 28, 2010, 07:25:50 PM

My brother and I play a few online games together, and neither game has built-in voice chat, so I installed a Teamspeak server on my machine and we both run the client.  Of course, I have to forward the port to my machine, and that works fine.

However, I don't want to leave the port forwarded if we're not playing, so I wind up activating and deactivating that forwarding rule (and the Ghost Recon one if we're playing that game and I'm hosting) whenever we play.  Unfortunately, that requires a reboot, which kicks my whole house off the router (and hence, the Internet) for 30-35 seconds.  With my old Zyxel router, this reboot lasted just a few seconds, and in fact didn't always kick people off.

So, I thought I'd try Inbound Filters.  But I've had zero luck with them.  I want to limit that rule to just my brother's IP address.  To test it, I've created a rule with a different IP and then had him join - he shouldn't be able to join, but he is.

On the same entry as the Teamspeak rule, I leave the schedule at "Always" and I set the Filter to something, but it seems to make no difference.  I even tried "Deny All" and my brother was still able to connect.

I'd appreciate any suggestions.  Thanks.

Title: Re: I could really use help on Inbound Filters
Post by: dogwalker on June 29, 2010, 11:07:30 AM

I should be more specific.

On the "24 - Port Forwarding Rules" screen, I create a rule for Teamspeak.
http://support.dlink.com/Emulators/dir655/133NA/Gaming.html
Name: Teamspeak
TCP: [blank]
Schedule: Always
IP Address: 192.168.0.101 (my machine, to which I assigned a static IP)
UDP: 9987
Filter: Bogus  (see below)

For the Filter, I'll eventually put in a filter with just my brother's IP address, but first I want to confirm that it blocks out anyone else, so I created a "Bogus" filter with an IP address not his.  This means he should not be able to connect.  I even tried the "Deny All" filter.

On the Inbound Filter page (http://support.dlink.com/Emulators/dir655/133NA/Inbound_Filter.html), I entered the name Bogus and clicked on Enable for the first row, where I put the same bogus address for Start and End, and set the Action to "Allow" and added it.  I confirmed that the Filter was in the "Inbound Filters Rules List" and saved.  I was then able to use this filter in my Port Forwarding.

Now, I did some reading, and it appears that UDP Enpoint Filtering can affect the results, so I've tried setting that to both "Endpoint Independent" and "Address Restricted" - I have not tried "Port and Address Restricted" yet.

Has anyone actually created Inbound Filter rules to protect your port forwarding rules, and can verify it works for you?

Thanks.

Title: Re: I could really use help on Inbound Filters
Post by: djdevon3 on July 17, 2010, 10:20:06 PM

First are you trying to access the vent/ts server from an internal or external IP?  Try using the inbound filter on the advanced tab?  You must login to enable/disable firewall, routing, port forwarding stuff.  There's no way around it sorry so yeah you'll have to do that 15-30 second router reboot each time. ;(