What is the best option for me?

2 posts / 0 new
Last post
gworley
gworley's picture
What is the best option for me?

Currently using Netgear's firmware. and am having a problem -- cannot block incoming IP addresses.  I am having an SSH attach on port 20.  UPnP has assign that to a NAS drive.  It has excellent security on it. Also getting VNC port  5900 attach from the same IP address and have been blocking the IP's on the VNC machine on 5900.

I have 3 NAS drives, 2 wired computers with VNC, 2 Smart TV's, 2 Roku 3 boxes, 2 Tablets, smart phone, and a wireless laptop  attached  to my LAN.  One of the wired computers is an email server.  Appropriate ports forwarded, however there are 2 ports forward a little differently: incoming ports 25 and 2525 are forwarded to port 25 on the mail server (this is done because on of my friends ISP blocks sending SMTP mail to any other server other than their own); since I have 2 computers that have VNC on them I have forward 5901 to internal port 5900 on that computer. Currently having the the R6400 router emailing me the log files hourly.

Netgear firmware doesn't allow blocking of incoming IP addresses.

Can someone advise me on which open source firmware that would be better for me?

  • Need to be able to block incoming IP addresses
  • Need to be able to have log emailed to me
  • Need to be able to forward multiple ports to the same internal port
  • Need top WiFi speed available in the USA
  • Might need instructions on how to flash the router as I have never flashed a router with open sourced firmware..

Thanks for your help in advance,

George Worley

 

mlord
mlord's picture
Most (all?) firmwares (even

Most (all?) firmwares (even stock in many cases) will allow blocking of specific IP addresses.  If you don't see a special GUI for it, then it can still be done from the command line, or from an automatic router "script" with a series of "iptables" commands.  Difficult to show all off that here though, but here is an example of adding a rule to drop all packes from IP addres 1.2.3.4:

iptables -I INPUT --source 1.2.3.4 -j DROP