Regarding the lack of iptables-save on DD-WRT, where might I find the iptables-save .ipk to install on the R8000? If there is no .ipk for iptables-save, how might I go about compiling the source?
I have a 32,000+ iptables ruleset that I made a shell script from Peerblock bluetack/iblocklist lists that I want to restore on bootup. I can (and do) use Administration > Commands -> Firewall to save some rulesets, but the web-based interface can only handle a couple hundred entries before it siezes up.
Now I can just run my shell script to restore the rulesets on bootup, but it takes about 15-20 minutes which is unacceptable, compared to just iptables-restore -c < firewall.rules
I suppose I can make a copy of /etc/.ipt and manually edit and restore said file, but there should be an easier way to do this.
For iptables, i've read:
https://www.dd-wrt.com/wiki/index.php/Iptables_command is of no help.
For installing packages, i've read:
http://www.howtogeek.com/98408/how-to-install-additional-software-on-you...
I have also been trying to save a large firewall script. I understand from http://www.dd-wrt.com/wiki/index.php/Script_Execution that I could save the script in
etc/config or jffs/etc/config with extension ".prewall" or ".wanup" to have it executed automatically before the firewall. But this doesn't seem like the right way to automate the job. I am afraid to do it.
Would love some details about what path my script should be placed in from someone who has done this
This really frustrates me. Why would MyOpenRouter create an opensource, advanced-configuration firewall firmware, yet prohibit its users from actually using the advanced configurations? It is absolutly absurd.
I read elsewhere that they decided to leave out iptables-save simply because so few people actually used it and it just take up space. Yet they still allow iptables and iptables-restore? I hope this gets seen by the firmware maintainers.
And if not, how about the maintainers throw up a FAQ on how to cross compile for DD-WRT on arm as well? I mean, something is better than nothing.
Its almost like a sick joke at this point; "here, we have this advanced firewall firmware for you to use, but you won't get to actually save your firewall rules, LOL"