Blocking Discord usage


Something like this

 iptables -I FORWARD -m mac --mac-source xx:xx:xx:xx:xx:xx -m conntrack --ctstate ESTABLISHED,RELATED -j DROP

and this to allow access again:

iptables -D FORWARD -m mac --mac-source xx:xx:xx:xx:xx:xx -m conntrack --ctstate ESTABLISHED,RELATED -j DROP


even just dropping all packets from that mac, but the question is how to get that into the firewall early enough that it hasn't been accepted already :wink:

iptables -I FORWARD -m mac --mac-source xx:xx:xx:xx:xx:xx -j DROP

Of course that will shut off outgoing packets not incoming :wink:

@YvanCB it looks like the "forwarding_rule" chain executes before the ACCEPT of established,related traffic so if you can add your rule to that chain, it should work. I'm not sure how to inject a rule into a specific chain using UCI but you could do it with a command line:

iptables -A forwarding_rule ...



Thank you dlakelan, hisham, rj-45 and lleachii.
Can I add 'iptables" rules in the custom rules tab of the firewall :
It seems that these rules are active just after the firewall start (or re-start).


I'm not sure, but it's possible to use ban-ip (luci-app-banip) to block discord ip's, then with crontab you can set
the block time, someone maybe have better idea.


Yes you could use that tab to add your time based rules to the "forwarding_rule" chain, where it will be run before the accept of established,related traffic


Thanks you. I will try when I have enough time.