I installed Adguard as this post , but there is a DNS port setting in there.
Like this:
iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.1.1:5353
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 192.168.1.1:5353
Now how do I set it up to achieve this?
mbo2o
April 26, 2022, 11:54pm
51
1 Like
I've searched for this article before, but I couldn't read it or figure out how to do it on openwrt 22.
Create the following entry in /etc/firewall
config redirect
option name 'Redirect-DNS'
option src 'lan'
option src_dport '53'
option dest_ip '192.168.1.1'
option dest_port '5353'
option target 'DNAT'
I have done the above but the ad filter is still not working
I have returned to version 21.0.3 and everything is working fine, I will update to version 22 when I search for a solution.
There is a new thread which handles this better. The old thread had AGH installed at 5353 thus adding an additional hop to your DNS route.
The new way switches Dnsmasq to be behind AGH and thus only refers to Dnsmasq for PTR requests.
Introduction:
This thread mostly covers the manual installation of AdGuard Home's edge/beta version. OpenWrt's opkg version is the stable release. The edge version installs to /opt/AdGuardHome , the opkg version to /etc/adguardhome for the config files and /tmp for filters, logs etc thus you WILL loose them when your router reboots.
AGH - https://github.com/AdguardTeam/AdGuardHome
A few points first of all.
The ports chosen are either well known alternate ports or reasonable compromises. Y…
2 Likes
Thank you very much, I will try this.
Thanks for the RC, the firmware works well on:
Issues on packages:
banIP : related with nftables / iptables
vpn-policy routing : fail on setup gateway
Packages working:
adblock
unbound DoT
nlbwmon
ddns
wireguard
So, rollback to the stable 21.02.3.
2 Likes
Upnp doesnt work for 2 console only one on my belkin rt3200
sniper
April 27, 2022, 7:29am
59
Trying out 22.03.0-rc1 on my Archer C7 v2 I found that IPv6 from LAN to WAN and vice versa works fine, but not Pv4. IPv4 on the subnet and to the router works fine and IPv4 from the router to the internet also works fine, but something seems wrong with the transmission of IPv4 packets from LAN to WAN and vice versa. Switched back to 21.02.3, now everything works as expected again. On my other router (gl.inet) version 22.03.0-rc1 works fine, strange.
I was able to get IPv4 working, but the deauth issues on one of my static devices started showing up in the logs today.
I rolled back to 21.02.3 (again).
I'll give it another shot when rc2 is released.
Install iptables-nft then use the same iptables commands.
sniper
April 27, 2022, 9:33am
62
Will do the same and wait for rc2.
Maybe the problems will be solved then.
Searching now just takes too much time.
Where am I supposed to file bugs? https://github.com/openwrt/openwrt/issues doesn't give a way to address 21.03.0-rc1, as far as I can see.
jow
April 27, 2022, 1:20pm
64
Just state the version somewhere in your issue description
Hi.
Successfully installed on a Linksys MR8300 (ipq40xx).
1 Like
I used to use firewall.user to block guest network access private addresses, rules as:
# Forbidden accessing private addresses
iptables -I forwarding_guest_rule -d 0.0.0.0/8 -j REJECT
iptables -I forwarding_guest_rule -d 10.0.0.0/8 -j REJECT
iptables -I forwarding_guest_rule -d 127.0.0.0/8 -j REJECT
iptables -I forwarding_guest_rule -d 169.254.0.0/16 -j REJECT
iptables -I forwarding_guest_rule -d 172.16.0.0/12 -j REJECT
iptables -I forwarding_guest_rule -d 192.0.0.0/24 -j REJECT
iptables -I forwarding_guest_rule -d 192.0.2.0/24 -j REJECT
iptables -I forwarding_guest_rule -d 224.0.0.0/3 -j REJECT
iptables -I forwarding_guest_rule -d 198.18.0.0/15 -j REJECT
iptables -I forwarding_guest_rule -d 198.51.100.0/24 -j REJECT
iptables -I forwarding_guest_rule -d 203.0.113.0/24 -j REJECT
How am I suppose to do the same with nftables?
1 Like
hi try traffic rules ?
in firewall
Why is that it doesnt matter whether I flash the router after a while I just cant log in to Luci. The password does contain special characters. I need to do a soft reset all the time...