Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[bbear]

I created a DHCP reservation for every single device in my household. I created two access rules from scratch, one for the Block list and one for the Exception list, however this time instead of referencing the MAC addresses I used the IP. Note that like before, not all of the IPs were available via that Machine Name pull-down so I just typed the address in by hand.

Result: Same issue as before, i.e. when I enable the Block rule, everything on my home network looses access to the internet, even the computers which appear in the Exceptions rule.

I don't know what else to try, I am wondering now if I have something fundamentally wrong with the way I have set up the rules. Here is an overview of the rules which I have set:

The first rule (named: 'SslBlock') is set up as follows:

  Filtering=Block some access
  Logged=No
  Schedule=StudyTime (5pm to 9pm weekdays)
  IP address ending in 21
  IP address ending in 22
  IP address ending in 25
  Apply Web Filter
  Advanced Port Filters

The advanced port filter is set up for the full IP range, Port 443, UDP protocol


The second rule (named 'Exceptions_1') is set up as follows:

  Filtering=Log web access only
  Logged=yes
  Schedule=Always
  IP address ending in 20
  IP address ending in 23
  IP address ending in 24
  IP address ending in 26
  IP address ending in 30

IP ending in 20 is the administrator PC

Can you think of anything wrong with the rules which I have set?

[FurryNutz]

Looks good...
What happens if you take out all manges devices and just set up the one MAC address that seems to cause the issue?

[bbear]

Well, from my experiments today I am left totally confused, it is as if the whole access control thing is broken ..

This time I am starting with much the same set of IPs as before but for the Exceptions rule I changed it to use the same schedule (which at the moment should NOT be active as it is only defined for some weekdays, and it is Saturday today..

The first rule (named: 'SslBlock') is set up as follows:

  Filtering=Block some access
  Logged=No
  Schedule=StudyTime (5pm to 9pm weekdays)
  IP address ending in 21
  IP address ending in 22
  IP address ending in 25
  Apply Web Filter
  Advanced Port Filters

The advanced port filter is set up for the full IP range, Port 443, UDP protocol


The second rule (named 'Exceptions_1') is set up as follows:

  Filtering=Log web access only
  Logged=yes
  Schedule=StudyTime (5pm to 9pm weekdays)
  IP address ending in 20
  IP address ending in 23
  IP address ending in 24
  IP address ending in 26
  IP address ending in 30

IP ending in 20 is the administrator PC

The following is the sequence that I used in deleting the IP addresses from each of the rules. Whilst doing this I was pinging my ISP to check when I lost internet connection and when it came back:

Step 1) Starting IP setup (above), RESULT: No internet
Step 2) Remove IP ending in 21, RESULT: when hit the save button the router rebooted! Came back up with No internet
Step 3) Removed 22, RESULT: saved OK, No internet
Step 4) Removed 30, RESULT: saved OK, No internet
Step 5) Removed 26, RESULT: saved OK, No internet
Step 6) Removed 24, RESULT: saved OK, No internet
Step 7) Removed 23, RESULT: saved OK, No internet

So at this point my rules are basically:

'SslBlock':
   IP address ending in 25

'Exceptions_1':
    IP address ending in 30

And I still have no internet access!

Onto the next step ..

Step 8 Disabled the SslBlock rule, RESULT: Still no internet!
Step 9) Disabled the Exceptions_1, RESULT: Internet working again

At this point I haven't a clue what's going on, the access control/schedules seem to be following no logical pattern that I can determine

[FurryNutz]

Have you tried to just add one device per rule that you set up and test the rule out? If it works with one, then graduate to adding the next device.

[bbear]

I did as you suggested, I set about creating two completely new rules ..

I started by creating the first rule (the blocking rule). As soon as I entered the UDP port start (443) and port end (443) and saved it, I lost connection to the internet. This was despite the following:

1. It was not within the time defined in the schedule I had applied to the rule
2. The computer I lost connection to the internet (the admin PC) was not the IP which the rule applied to

Is there something illegal which I am doing with the UDP port range or something?

[FurryNutz]

Suppose you don't have a another router to test this out on. I suppose I should break out my 825 and test this out. Sounds like it might be a illegal parameter or configuration possibly.

[bbear]

Unfortunately I don't have any other router. Thanks for offering to try on your 825, do you want me to send you my saved config?
I have the config as I have it now, also I saved the config before I started adding the access rules

[FurryNutz]

Ya that would be great, since we have the same Rev router it should work. Just make sure you remove any WiFi and Admin log in passwords then save off the config file. You can email it to my address listed in my profile.

Also curious, does this happen if you use a different port? Something not 443?

[bbear]

hello,

I was wondering if you have had a chance to test out my config on your DIR-825

thanks

[FurryNutz]

Hey Bear, Sorry I have been doing some other things with router lately. I do have your config file and have reviewed it. I'll go play with this after work today and see if I can reproduce this. 

[FurryNutz]

So I loaded it this evening and can't get in. Can you disable the graphical CAPTCHA and set the admin PW blank then save the config once more and email it to me.