Block shell access for a connected device

Hi All,

I wanted to block shell access (SSH connections) to my Linux system (IP address 192.168.1.204), which is connected to an OpenWrt router. I am running OpenWrt 18.06.8 firmware on my Linksys router.

I learned that if I insert the rule below into the FORWARD chain of the filter table on the router, the router should block this specific SSH connection intended for my Linux system, but that is not the reality. I am able to SSH to my Linux system from another device.
The rule is: iptables -I FORWARD -d 192.168.1.204 -p tcp --dport 22 -j DROP

Can somebody suggest whether I am missing something in the rule?
Also, is it possible to block any private connections (between two devices) from the router?

Thanks in advance!

You should really do this in the Linux box's firewall ...


Thanks frollic,
but is it possible to block this connection at the router level?

Block from where? Other hosts on the same subnet?

Not as long as the hosts are on the same subnet.


Block from the router.

Same subnet == not passing the firewall.

Block it at the other end.


Thanks, frollic, got it.
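
Why the FORWARD rule in this thread never fires for a client on the same subnet, as an added example that is not part of the original posts. Only 192.168.1.204 and the tcp/22 rule come from the thread; the /24 prefix, the guest subnet and the client addresses are assumptions.

```python
import ipaddress

# Constructed layout: only 192.168.1.204 comes from the thread. The /24 prefix,
# the guest subnet and the client addresses used below are assumptions.
ROUTER_SUBNETS = {
    "lan": ipaddress.ip_network("192.168.1.0/24"),
    "guest": ipaddress.ip_network("192.168.2.0/24"),
}
SSH_HOST = ipaddress.ip_address("192.168.1.204")


def subnet_of(addr):
    """Name of the router-attached subnet holding addr, or None if off-link."""
    ip = ipaddress.ip_address(addr)
    for name, net in ROUTER_SUBNETS.items():
        if ip in net:
            return name
    return None


def is_routed(src, dst):
    """True when src -> dst has to be routed, so the packet reaches FORWARD.

    Hosts in the same subnet resolve each other with ARP and exchange frames
    directly at layer 2; the router does not route them, so its FORWARD
    chain is never consulted.
    """
    return subnet_of(src) != subnet_of(dst)


def forward_drop_applies(src, dst, proto, dport):
    """Would the thread's rule (-d 192.168.1.204 -p tcp, port 22, DROP) hit?"""
    matches = (ipaddress.ip_address(dst) == SSH_HOST
               and proto == "tcp" and dport == 22)
    return matches and is_routed(src, dst)


if __name__ == "__main__":
    for src in ("192.168.1.50", "192.168.2.50"):
        hit = forward_drop_applies(src, "192.168.1.204", "tcp", 22)
        verdict = "dropped by FORWARD rule" if hit else "never reaches FORWARD"
        print(f"{src} -> 192.168.1.204:22  {verdict}")
```

For the same-subnet case the filtering has to happen on 192.168.1.204 itself, as the replies say.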
