Brad Fitzpatrick (brad) wrote,
Brad Fitzpatrick
brad

WRT54G 2.0 firewalling question

I have a WRT54G ver 2.0 (CD5* S/N).

I want wifi in the house, but I do not want Wifi users to be able to connect to 10.0.0.0/8, the local house network. Typically I've always put Wifi routers behind a Linux box and firewalled the shit out of it, letting it connect to some ports (tcp port 22) on the local network but not others (everything else, including UDP (NFS)). But I haven't had such an extra box around for awhile. Or rather, I do, but it's no longer serving its other purpose, and I don't want a loud power-sucking tower box turned on non-stop to do a frickin' firewall rule when this router is a computer and has the smarts to implement my simple firewall rule itself.

But can it? (with the default firmware)

I tried to add a static route of 10.0.0.0/8 to 10.99.99.99 (something dead) to make it work, but no effect.

Do I have to install OpenWrt or something to achieve this? And then how much pain? And will I end up frying this guy if I ever want it back in its original state?

And if I want multiple of these around the house so people can roam without dropping ssh connections, I assume I'd need OpenWrt for that? Can it do that?

Update: Realized I could just manually set the gateway IP to a new IP on my home server (Linux) and firewall it there. Will do that later. OpenWrt looks like a distraction I don't need.
Tags: lazyweb, tech
Subscribe
  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 10 comments