Just flashed openwrt 23.05 on a Flint2/mt6000 and was reading this https://medium.com/@mjyai/two-simple-steps-to-strengthen-the-openwrt-router-firewall-97285dc4394b article and noticed a comment that said it was for older openwrt releases with iptables and not nftables on newer releases.
Can anyone help provide an updated formatting for newer openwrt releases, please?
It's not clear why you think this article strengthens OpenWrt, or why we would have some updated formula for it. That article doesn't appear to be in the official OpenWrt Wiki.
The article mentioned BanIP (but I think it's a script to ban scanners, more on that below) - this is an available package in OpenWrt and no fancy scripts from an 3rd party article needed. See: banIP support thread
Lastly, the article mentioned banning scanners - but by default, OpenWrt's firewall blocks unsolicited traffic on WAN anyway. You can also turn off things like ping, etc. without fancy scripts.
Thanks! I'm here to learn, appreciate your help and feedback. I'll check out the thread.
Feedback: no harm in flipping options they suggest. using banip or not is a matter of taste, does not change overall operation of firewall in any way.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.