• October 31, 2024, 07:30:15 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Firewall not functional  (Read 12277 times)

KevinA

  • Level 1 Member
  • *
  • Posts: 22
Firewall not functional
« on: December 08, 2018, 02:02:37 PM »

Since I can't get the webfilter to work I tried to block yahoo.com using the firewall:
Added WAN rules for the 6 IP address that were returned in nslookup yahoo.com
set WAN source and destination to the same IP, port to any then saved.

Yahoo.com is not blocked
          98.137.246.8
          98.138.219.231
          98.138.219.232
          72.30.35.9
          98.137.246.7
          72.30.35.10
and again I had to switch back to my old DIR-655 router to post on this forum
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Firewall not functional
« Reply #1 on: December 08, 2018, 03:48:35 PM »

Is DNS relay enabled and did you set up a schedule to block the rule?
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

KevinA

  • Level 1 Member
  • *
  • Posts: 22
Re: Firewall not functional
« Reply #2 on: December 08, 2018, 05:26:19 PM »

Is DNS relay enabled and did you set up a schedule to block the rule?
DNS Relay is enabled and Schedule is Always Enabled
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Firewall not functional
« Reply #3 on: December 08, 2018, 05:47:59 PM »

Try setting up a schedule and then select the schedule for this configuration your using.

Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

KevinA

  • Level 1 Member
  • *
  • Posts: 22
Re: Firewall not functional
« Reply #4 on: December 13, 2018, 07:49:18 PM »

Try setting up a schedule and then select the schedule for this configuration your using.

I setup a schedule, everyday, 7/24 named it ALL
Created a new IP4 rule:
Source: WAN 67.211.218.75
Destination WAN 67.211.218.75
Protocol& port ANY
Schedule ALL
Saved the rule , IP4 filtering on denied, tried it, got right to the website, no firewall.

In the users guide there is NO examples.

Changed the Source to LAN 10.0.0.0-10.255.255.255
That is saying from my local LAN, ALL IP addresses to 67.211.218.75 on any port or protocol
And that stopped access.
Now I can go after yahoo and their 6 IP address.....

 
« Last Edit: December 13, 2018, 08:33:49 PM by KevinA »
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Firewall not functional
« Reply #5 on: December 14, 2018, 06:49:07 AM »

Sounds the the configuration needs to be LAN to block whats on WAN side.   ???
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

KevinA

  • Level 1 Member
  • *
  • Posts: 22
Re: Firewall not functional
« Reply #6 on: December 20, 2018, 12:15:54 PM »

Now I can go after yahoo and their 6 IP address.....

ended up with three rules with source set to ranges
98.137.246.7-98.137.246.8
98.138.219.231-98.138.219.232
72.30.35.9-72.30.35.10
And Destination set to
10.0.0.0-10.255.255.255

BUT
When I click a link that redirects to Yahoo the browser just sits and spins, forever.......
Useless.
I want to filter yahoo domain and get an OOPS page back the second I try!
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Firewall not functional
« Reply #7 on: December 21, 2018, 06:44:25 AM »

Ya Yahoo has other IPs, I presume Like Google and such don't have just one single IP address.  ::)
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

GreenBay42

  • Administrator
  • Level 11 Member
  • *
  • Posts: 2752
Re: Firewall not functional
« Reply #8 on: December 21, 2018, 08:15:39 AM »

If you block IP address, DNS addresses do not get blocked. You would have to enter the yahoo IP address in the web browser for it to be blocked.
Logged

KevinA

  • Level 1 Member
  • *
  • Posts: 22
Re: Firewall not functional
« Reply #9 on: December 21, 2018, 06:14:33 PM »

If you block IP address, DNS addresses do not get blocked. You would have to enter the yahoo IP address in the web browser for it to be blocked.
nslookup yahoo.com returns all the IP addresses yahoo is currently using.
Firewalls block IP address, the internet works with IP addresses, yahoo.com resolves to an IP address using DNS, using that IP address is how you get to yahoo.com and hence, why firewalls use IP addresses... The Webfilter thing is suppose to be parental control, at least that is what your competitors call it, they block words regardless of the websites protocol or port, when it works.
Again, URL of yahoo.com is resolved to an IP then the browser uses the IP to get to the domain, at that point the router sees the IP it is suppose to be blocking and in the case of the DIR-867 it does nothing instead of failing the request immediately like it should, since the browser is not told of the failure it just sites and spins, forever.

Update: news.yahoo.com is on a different IP from yahoo.com: I setup Windows 10 Firewall to block news.yahoo.com and the other three ranges of IP's that yahoo uses. Now when I click on a link that sends the browser to yahoo.com or news.yahoo.com the browser dies instantly, no spinning at all. Still can't get the Webfilter to block Kardashian.....
« Last Edit: December 22, 2018, 05:44:05 PM by KevinA »
Logged