Blocking Discord usage


#21

Something like this

 iptables -I FORWARD -m mac --mac-source xx:xx:xx:xx:xx:xx -m conntrack --ctstate ESTABLISHED,RELATED -j DROP

and this to allow access again:

iptables -D FORWARD -m mac --mac-source xx:xx:xx:xx:xx:xx -m conntrack --ctstate ESTABLISHED,RELATED -j DROP

#22

even just dropping all packets from that mac, but the question is how to get that into the firewall early enough that it hasn't been accepted already :wink:

iptables -I FORWARD -m mac --mac-source xx:xx:xx:xx:xx:xx -j DROP

Of course that will shut off outgoing packets not incoming :wink:

@YvanCB it looks like the "forwarding_rule" chain executes before the ACCEPT of established,related traffic so if you can add your rule to that chain, it should work. I'm not sure how to inject a rule into a specific chain using UCI but you could do it with a command line:

iptables -A forwarding_rule ...

#23

Hello,

Thank you dlakelan, hisham, rj-45 and lleachii.
Can I add 'iptables" rules in the custom rules tab of the firewall :
FireWall
It seems that these rules are active just after the firewall start (or re-start).
Regards.


#24

True!
I'm not sure, but it's possible to use ban-ip (luci-app-banip) to block discord ip's, then with crontab you can set
the block time, someone maybe have better idea.


#25

Yes you could use that tab to add your time based rules to the "forwarding_rule" chain, where it will be run before the accept of established,related traffic


#26

Thanks you. I will try when I have enough time.
Regards.