openwrt 禁局域网内设备访问外网
This file is interpreted as shell script.
Put your custom iptables rules here, they will
be executed with each firewall (re-)start.
Internal uci firewall chains are flushed and recreated on reload, so
put custom rules into the root chains e.g. INPUT or FORWARD or into the
special user chains, e.g. input_wan_rule or postrouting_lan_rule.
iptables -t nat -A PREROUTING -p udp –dport 53 -j REDIRECT –to-ports 53 iptables -t nat -A PREROUTING -p tcp –dport 53 -j REDIRECT –to-ports 53 iptables -I FORWARD -m mac –mac-source c4:9f:4c:10:54:9b -j DROP iptables -I FORWARD -m mac –mac-source 20:39:56:5c:f4:57 -j DROP iptables -I FORWARD -m mac –mac-source 60:21:01:9f:0d:83 -j DROP iptables -I FORWARD -m mac –mac-source 14:bd:61:cc:aa:4c -j DROP iptables -I FORWARD -m mac –mac-source 7c:76:68:e0:98:4c -j DROP iptables -I FORWARD -m mac –mac-source 3c:b6:b7:f6:f7:d7 -j DROP iptables -I FORWARD -m mac –mac-source 1c:40:e8:11:a1:10 -j DROP
- Author: zhoujie
- Link: https://blog.zhoujie218.top/archives/988.html
- License: This work is under a 知识共享署名-非商业性使用-禁止演绎 4.0 国际许可协议. Kindly fulfill the requirements of the aforementioned License when adapting or creating a derivative of this work.