Unix & Linux Stack Exchange
Q&A for users of Linux, FreeBSD and other Unix-like operating systems
Latest Questions
0
votes
1
answers
2484
views
Isolate subnet with DD-WRT router
I have my ISP gateway (which is a regular wifi router) which is `192.168.178.1`. This is connected to a DD-WRT router (using its WAN port).
I've had this setup for a while now and pretty much the default settings (Connection type Automatic/DHCP) worked. I set the local IP of the dd-wrt router to `192.168.0.1` and set DHCP to use the `192.168.0.xxx` subnet as well.
This worked fine and I had an **isolated** subnet. That is: The `192.168.178.xxx` subnet could not access machines on my `192.168.0.1` subnet, including the router, and vice versa.
Now I got a new router, fresh dd-wrt installation, exactly the same settings and subnets, and suddenly I'm able to access `192.168.178.1` from my PC (which is on the dd-wrt subnet).
Which setting is responsible for this, and how do I change that?
Also, the new router displays the ISP router's domain name under `WAN domain name` (`LAN domain name` is empty). The old dd-wrt router did that too, but devices on the network were **not** on that domain (they were on an empty one instead). Now with this router, devices connected to it are automatically on that domain. I would really like to prevent that as well.
I hope my question is clear enough, and here are some more of my dd-wrt router's settings:
Connection Type: Automatic Configuration - DHCP
Hostname:
Domain name:
Shortcut Forwarding Engine: Enable
STP: Disable
Local IP Address: 192.168.0.1
Subnet Mask: 255.255.255.0
Gateway: 0.0.0.0
Local DNS: 0.0.0.0
DHCP Type: Server
Start IP Address: 192.168.0.100
DNSMasq for DNS: Enabled
DHCP-Authoritative: Enabled
Forced DNS redirection: Disabled
NTP Client: Enabled
IPv6: Disabled entirely
Advanced routing, Switch Config, Networking and Tunnels all on their defaults
confetti
(2134 rep)
Apr 13, 2020, 05:31 PM
• Last activity: Sep 8, 2024, 03:04 AM
0
votes
1
answers
123
views
dd wrt as a proxy client
I want to use a router in a network with a proxy. Without the router, everything works if you open the proxy settings in Windows and enter the address and port. No additional actions are required. I want the WiFi network users not to have to manually enter these parameters.
The router has the following network interfaces:
br0 Link encap:Ethernet HWaddr C8:B3:73:2B:B9:6C
inet addr:192.168.1.120 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
br0:0 Link encap:Ethernet HWaddr C8:B3:73:2B:B9:6C
inet addr:169.254.255.1 Bcast:169.254.255.255 Mask:255.255.0.0
eth0 Link encap:Ethernet HWaddr C8:B3:73:2B:B9:6C
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth1 Link encap:Ethernet HWaddr C8:B3:73:2B:B9:6E
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
vlan1 Link encap:Ethernet HWaddr C8:B3:73:2B:B9:6C
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
vlan2 Link encap:Ethernet HWaddr C8:B3:73:2B:B9:6D
inet addr:10.134.4.122 Bcast:10.134.4.127 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
The router's IP address in the local network is 192.168.1.120.
The router's IP address in the proxy network is 10.134.4.122.
Proxy settings:
IP 10.128.0.90
PORT 8080
In the router settings, I have recorded the following command in the startup:
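```sh
#!/bin/sh
PROXY_IP=10.128.0.90
PROXY_PORT=8080
# Read the router's LAN address and netmask from NVRAM (command substitution)
LAN_IP=$(nvram get lan_ipaddr)
LAN_NET=$LAN_IP/$(nvram get lan_netmask)
# Leave LAN-to-LAN HTTP traffic alone
iptables -t nat -A PREROUTING -i vlan1 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT
# Redirect HTTP and HTTPS arriving on vlan1 to the proxy
iptables -t nat -A PREROUTING -i vlan1 ! -s $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -A PREROUTING -i vlan1 ! -s $PROXY_IP -p tcp --dport 443 -j DNAT --to $PROXY_IP:$PROXY_PORT
# Rewrite the source of redirected traffic to the router's LAN address
iptables -t nat -I POSTROUTING -o vlan1 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP
# Allow the redirected traffic through the FORWARD chain
iptables -I FORWARD -i vlan1 -o vlan1 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT
```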
But the proxy is not working. What could be the problem?
Сергей Корягин
(1 rep)
May 2, 2024, 12:46 PM
• Last activity: May 2, 2024, 02:43 PM
0
votes
1
answers
144
views
Destination Host Unreachable to host on LAN after some time
I have an internal network with the following setup:
* router - 192.168.1.1 - that is running dd-wrt
* raspberrypi - 192.168.1.190 (rp1.local) - that is running Raspberry Pi OS
* notebook - 192.168.1.185 - that is running Ubuntu
* some phones
Everything is working as expected - I am able to connect to rp1.local or 192.168.1.190 - but there is some strange behavior, that I am not able to figure out:
1) everything was working
2) 2023-12-27 22:00 - it's not possible to connect to rp1.local from the notebook, because the host name cannot be resolved, it's still possible to connect to the IP address 192.168.1.190
3) 2023-12-28 01:00 - it's still possible to connect to 192.168.1.190
4) 2023-12-28 11:00 - notebook is not able to connect (ping/http) to the Raspberry Pi IP address 192.168.1.190 (ERR_ADDRESS_UNREACHABLE / Destination Host Unreachable), some phones are still able to connect to that IP address
5) 2023-12-28 15:00 - none of the phones is able to connect to that IP address
During all that I can still connect to the router - 192.168.1.1 and from that router I can access 192.168.1.190 (or just rp1).
This has happened to me several times, but in the past it has resolved in few hours.
## Other information:
### On the notebook:
ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp3s0: mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether 74:d0:2b:0a:04:2c brd ff:ff:ff:ff:ff:ff
3: wlp2s0: mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 6c:71:d9:9c:82:4d brd ff:ff:ff:ff:ff:ff
inet 192.168.1.185/24 brd 192.168.1.255 scope global dynamic noprefixroute wlp2s0
valid_lft 3925466sec preferred_lft 3925466sec
inet6 fe80::352b:2ef9:850:124e/64 scope link noprefixroute
valid_lft forever preferred_lft forever
-----
resolvectl
Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Link 2 (enp3s0)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Link 3 (wlp2s0)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.1.1
DNS Servers: 192.168.1.1
-----
grep hosts /etc/nsswitch.conf
hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname
### Raspberry Pi
ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether d8:3a:dd:34:c7:01 brd ff:ff:ff:ff:ff:ff
3: wlan0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether d8:3a:dd:34:c7:02 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.190/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0
valid_lft 3927658sec preferred_lft 3927658sec
inet6 fe80::a22e:9352:19e5:9fab/64 scope link noprefixroute
valid_lft forever preferred_lft forever
-----
resolvectl
Failed to get global data: Failed to activate service 'org.freedesktop.resolve1': timed out (service_start_timeout=25000ms)
# but it wasn't there, so I had installed sudo apt-get install systemd-resolved
-----
grep hosts /etc/nsswitch.conf
hosts: files mdns4_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] dns myhostname
### On the router
ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc sfq state UP qlen 1000
link/ether 70:4f:57:8f:19:e6 brd ff:ff:ff:ff:ff:ff
3: vlan1@eth0: mtu 1500 qdisc noqueue master br0 state UP
link/ether 70:4f:57:8f:19:e6 brd ff:ff:ff:ff:ff:ff
4: vlan2@eth0: mtu 1500 qdisc noqueue state UP
link/ether 70:4f:57:8f:19:e6 brd ff:ff:ff:ff:ff:ff
inet 10.2.236.203/24 brd 10.2.236.255 scope global vlan2
valid_lft forever preferred_lft forever
7: br0: mtu 1500 qdisc noqueue state UP
link/ether 70:4f:57:8f:19:e6 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global br0
valid_lft forever preferred_lft forever
12: wlan1: mtu 1500 qdisc mq master br0 state UP qlen 1000
link/ether 70:4f:57:8f:19:e8 brd ff:ff:ff:ff:ff:ff
13: wlan0: mtu 1500 qdisc noqueue master br0 state UP
link/ether 70:4f:57:8f:19:e5 brd ff:ff:ff:ff:ff:ff
On the router I was also manually adding some rules to open some ports, but from the IP tables output it's hard to say, which ones it could be. Furthermore, they would most likely not cause this type of behaviour.
Do you have any idea?
Martin Majlis
(101 rep)
Dec 28, 2023, 10:43 AM
• Last activity: Dec 28, 2023, 02:10 PM
0
votes
0
answers
79
views
How to pause WLAN interface in linux?
I am working on a project with a Wi-Fi router (TP-Link) installed with dd-wrt firmware. A laptop is directly connected over eth port with the router (as an administrator who controls the router over telnet). There is also a user who is connected to the router wirelessly (using SSID, as any user would do to use the internet).
Let's say the user is continuously downloading content. Now, I require to make this wlan interface (in my case ath0 through which the user is connected to) pause every 30 seconds for 2 second period, and then resume the traffic again.
It is not a good idea to make the interface down, as it will take some time to reconnect, and resume traffic (more than 6-7 sec as checked). Is there any way by which I can pause the traffic on the interface rather than shutting it down completely? Or what are the options by which the link can come live at its earliest?
SAM
(1 rep)
Nov 1, 2023, 11:26 PM
0
votes
1
answers
211
views
Is DD-WRT wasting NVRAM space?
Please explain how I am misunderstanding these two commands:
```
root@DD-WRT:/tmp/var/log# cat /proc/mtd
dev:    size   erasesize  name
mtd0: 00080000 00020000 "boot"
mtd1: 00180000 00020000 "nvram"
mtd2: 01e00000 00020000 "linux"
mtd3: 01c60000 00020000 "rootfs"
mtd4: 05000000 00020000 "ddwrt"
root@DD-WRT:/tmp/var/log# nvram show >/dev/null
size: 52341 bytes (78731 left)
```
Flash pages on my router are 128 kB (0x20000)
and there are 12 pages (0x18/0x02) dedicated to NVRAM.
Why, then, is my total available NVRAM just one page (52341+78731 B)?
bobuhito
(133 rep)
Apr 29, 2023, 04:14 PM
• Last activity: May 1, 2023, 02:58 PM
0
votes
0
answers
561
views
router command to change bandwidth limit for a MAC address
I use DD-WRT to limit WAN bandwidth to one MAC address using DD-WRT's web interface.
The key entry in the web interface (in "NAT/QoS" tab's "QOS" tab) is "MAC priority",
which I normally set to 10000 "WAN Max Down kBits".
I temporarily sometimes increase this value to 60000, but this is never needed
permanently, so it seems wasteful to set this in the web interface (since it overwrites
the NVRAM flash memory which has limited write cycles before wear-out).
So, is there a way to temporarily increase this value with some command I could issue
during a telnet session (and does not overwrite the NVRAM)? I have tried some
wild guesses with the tc command, but been unsuccessful.
bobuhito
(133 rep)
Apr 24, 2023, 10:40 PM
1
votes
1
answers
1634
views
Setting up DD-WRT behind a DSL router/modem from ISP
Okay, so I bought a Buffalo WBMR-HP-G300H, the first router/modem that supports DD-WRT. After having managed to get dd-wrt to run on the router without problems, the next step was to plug my DSL cable from my ISP into it.
The supported adsl standards of my ISP are:
ITU G.992.1 (ADSL-G.DMT)
ITU G.992.2 (ADSL-G.Lite)
ITU G.992.3 (ADSL2)
ITU G.992.5 (ADSL2+)
But when I access my DD-WRT setup page I can only see
Annex A
Annex A T1
Annex A Lite
Annex A DMT
Annex A ADSL2
Annex A ADSL2+
Annex L
Annex B
Annex B DMT
Annex B ADSL2
Annex B ADSL2+
Annex M
Annex M ADSL2
Annex M ADSL2+
After consulting https://en.wikipedia.org/wiki/Asymmetric_digital_subscriber_line#ADSL_standards not much has remained clear in terms of which one I should choose, or whether the ones I need are even available. My connection speed is 80/10mbit/s
As this is the configuration on my ISP router/modem
Encapsulation: 1483 Bridged IP LLC
VPI: 1
VCI: 64
Bridge Mode: Enabled
But regardless the dd-wrt router just does not work, the dsl just blinks periodically and that is it.
Now the second thing that I have attempted to do is to just connect my dd-wrt router to my ISP router but the two just do not play well with each other at all.
I select the Automatic Configuration - DHCP
I've set the router IP (dd-wrt) to be 192.168.1.50 just to test things out, while the IP of the ISP router is 192.168.1.1
One strange thing to me is that when I select Automatic Configuration DHCP, it is still asking me for the Annex Type, VPI/VCI etc., even though I am just configuring the LAN ports on both ends.
I am sorry if my description is not the best I really am, if you require additional information please ask I will provide it promptly.
Thank you all for your time
ChronicUser
(171 rep)
Sep 5, 2015, 04:24 PM
• Last activity: Mar 18, 2023, 02:08 PM
0
votes
0
answers
53
views
Does DHCP on dd-wrt support the absence of the default route?
I have one reason to flash dd-wrt onto my router (rt-ac66u), which is to be able to not assign any default route via DHCP. The stock firmware doesn't seem to be able to do this.
Dd-wrt appears to be using dnsmasq as its DHCP server, which in itself supports this with `dhcp-option=3`.
Since I understand an install is not without some risk, and that I apparently can't expect this functionality even from router manufacturers, I wanted to confirm beforehand whether dd-wrt definitely supports this? Or will it insist on itself as a default route (like every other router I own) if I leave the option blank?
Andreas
(573 rep)
Feb 16, 2023, 11:21 AM
2
votes
1
answers
36
views
Printer stuck on insecure Samba version
I have an HP OfficeJet 8600 printer in my office that's around 10 years old but still works perfectly fine. I occasionally use this printer to scan to a samba share hosted on my DD-WRT router. I recently upgraded the software on the router, and I'm redoing everything to make sure it's all up to date and secure as I sometimes scan sensitive documents. The router/network is well secured, but better safe than sorry.
Problem is, this printer never received updates to its samba client or TLS. TLS isn't a big deal as it's only used for the web interface and I can easily override the minimum version in Firefox. The issue is the samba client -- it's using an old version. What would be the best solution to this problem? edit: it's SMBv1. oof.
I thought of two possible solutions but I would like to ask the community if they have a better solution. I will note that I have a Gentoo server in my house as well as the DD-WRT router.
1. set up a VM on my server (Alpine probably), that hosts the insecure samba. after scanning it will then automatically move the scanned files to my secure samba share.
2. is there a way to set the minimum samba version per-user? if so I could create a specific user and share for the printer that uses this login with the old samba version. after scanning it will again move the files to my secure share.
I assume option 1 would be the most secure, but all other suggestions are appreciated. Thanks!
It's a shame that HP didn't support this printer, it's really nice and has served me well for 10 years. Well, what can you do ¯\\\_(ツ)_/¯
Ryan Knutson
(53 rep)
Jan 11, 2023, 04:14 AM
• Last activity: Jan 15, 2023, 03:59 AM
30
votes
6
answers
87377
views
How to clear DNS cache on DD-WRT
How can I clear the DNS cache in DD-WRT on my router?
DD-WRT uses the dnsmasq daemon.
Bobo
(403 rep)
Feb 25, 2011, 04:25 PM
• Last activity: Sep 15, 2022, 09:41 PM
0
votes
0
answers
362
views
Static Routes not working (linux)
I hope everyone is well along with their loved ones.
I Have two Linux-based Dd-wrt routers, on the main router (router A [10.1.1.1] n66u, small metered-like connection) i have a static route for googlevideo.com servers to go out on router B which has a gigabit connection
For Example I have rr5---sn-vgqsknz7.googlevideo.com (74.125.159.138) route to go out on 10.1.1.2 (router B), the traceroute route works fine from SSH router A or client PC
however pinging it goes out directly ignoring the static routes also clients behind router A have the same result, pinging goes out directly ignoring static routes.
router A
route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
74.125.159.138 10.1.1.2 255.255.255.255 UGH 0 0 0 br0
ping rr5---sn-vgqsknz7.googlevideo.com #this is ignoring the static route as ping is higher)
PING rr5---sn-vgqsknz7.googlevideo.com (74.125.159.138): 56 data bytes
64 bytes from 74.125.159.138: seq=0 ttl=59 time=65.400 ms
traceroute to rr5---sn-vgqsknz7.googlevideo.com (74.125.159.138), 30 hops max, 38 byte packets
1 10.1.1.2 (10.1.1.2) 0.753 ms 0.447 ms 0.405 ms
...#goes out fine
When I watch the YouTube video on the Windows PC using rr5---sn-vgqsknz7.googlevideo.com it ignores the static route in router A, but when I traceroute it, it follows the static route from router A, and when I ping rr5---sn-vgqsknz7.googlevideo.com from the Windows client PC it does not use the static route
From Windows PC behind router A
Pinging rr5.sn-vgqsknz7.googlevideo.com [74.125.159.138] with 32 bytes of data:
Reply from 74.125.159.138: bytes=32 time=64ms TTL=124
if it was going out of router B time=would be about 40ms)
From Windows client behind router A
Tracing route to rr5.sn-vgqsknz7.googlevideo.com [74.125.159.138]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms routerA [10.1.1.1]
2 <1 ms <1 ms <1 ms 10.1.1.2 #router B takes cover
3 18 ms 17 ms 17 ms etc
if i create static route on Windows directly bypassing DD-WRT router A entry routes everything works fine.
route add 74.125.159.138 mask 255.255.255.255 10.1.1.2
Tracing route to rr5.sn-vgqsknz7.googlevideo.com [74.125.159.138]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 10.1.1.2
2 <1 ms 1 ms <1 ms #and so on
Pinging rr5.sn-vgqsknz7.googlevideo.com [74.125.159.138] with 32 bytes of data:
Reply from 74.125.159.138: bytes=32 time=47ms TTL=60 #ping is lower
OK!
any suggestions? Thank you in advance.
user538977
(1 rep)
Aug 29, 2022, 01:04 AM
• Last activity: Aug 29, 2022, 01:06 AM
0
votes
0
answers
20
views
Install Gnu/Linux on Ubiquiti Radio Device
good time
Can I install Linux on a UBNT radio? (for example: Nano Station, Nano Bridge, AirGrid)
Is there any way to install Linux on this device?
A Linux OS, or at least firmware (Linux-based, on which MTR, SSH, a web server and a mail server could be installed)
thank you
Best Regards
networksafe
(1 rep)
Jul 6, 2022, 04:12 PM
0
votes
1
answers
58
views
Sending all lan traffic to monitor PC
I set up a Windows Server 2022 PC to monitor all LAN traffic. I have the computer connected by Ethernet to the monitor PC and have this as a `Firewall` script for my DD-wrt router:
```sh
iptables -t mangle -A POSTROUTING -d 0.0.0.0/0 -j ROUTE --tee --gw 192.168.1.254
iptables -t mangle -A PREROUTING -s 0.0.0.0/0 -j ROUTE --tee --gw 192.168.1.254
```
When I wireshark the ethernet adapter I don't see any mirrored traffic. Any ideas what I am missing?
SomethingsGottaGive
(133 rep)
Jun 27, 2022, 07:46 PM
• Last activity: Jun 27, 2022, 11:31 PM
0
votes
3
answers
1505
views
DD-WRT dhcp-host in Additional Dnsmasq Options not working - again
The solution posted below worked for several days then failed. It's back to bench testing if I put any more time into it.
- - -
Trying to move dnsmasq service from a Linux VM to a newly setup DD-WRT router running v3.0-r48810 std 05/06/22.
I'd like to keep the static addresses in ip addr order so instead of entering into DHCP Server/Static Leases I am trying to use dhcp-host in Additional Dnsmasq Options which the DD-WRT Static DHCP documentation suggests is possible - but it is confusing and it's not working correctly on the Linux Mint 19.3 systems that can not ping the Windows systems.
After posting the above question I set up a test network with a DD-WRT router and two laptops - one Windows and one Linux.
After reading forums and extensive testing the following setup seems to work except for the dig command output on the Linux system (more below) [this was resolved by attaching router to WAN].
I tried taking out some of the settings like in Additional Dnsmasq Options but dnsmasq will stop working and systems can't ping each other. I tried what some sites said is to put the router ip address into Static DNS 1 but that wouldn't work with any combination of settings.
DD-WRT version in test setup: v3.0-r44715 std (11/03/20)
Network Setup [updated - see my answers]
Router IP
Local IP Address 192.168.1.1
Subnet Mask 255.255.255.0
Gateway 0.0.0.0
Local DNS 0.0.0.0
Network Address Server Settings (DHCP)
DHCP Type DHCP Server
DHCP Server Enabled
Start IP Address 192.168.1.100
Maximum DHCP Users 75
Client Lease Expiration 1440min
Static DNS 1 0.0.0.0 > DiG 9.11.3-1ubuntu1.17-Ubuntu >
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 41574
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;. IN NS
;; Query time: 1 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Jun 01 14:35:00 PDT 2022
;; MSG SIZE rcvd: 28
Herondas
(1 rep)
May 27, 2022, 11:22 PM
• Last activity: Jun 5, 2022, 05:35 PM
0
votes
0
answers
1271
views
VLAN tag single LAN port on DDWRT router
**My issue:**
I want to VLAN tag a single LAN port for a IoT device, wired to a DDWRT router, which is acting as a switch/AP...
Under networking in DDWRT, if I select the port, and tag VLAN 2 the device on the port goes offline.
What config do I need to set on the DDWRT, in order for a single port to allow provisioning of an IP on my VLAN 2 tagged network with DHCP from the upstream router (UDM Pro)?
**Background:**
I have a DDWRT router in my office acting as a managed switch/AP. I have a UDM Pro upstream as the router. I want to allocate a single LAN port on the DDWRT, to VLAN tagged 2. Anything connecting to the port should get an IP from my tagged network, as configured (DHCP) on the UDM Pro. Other ports, and WiFi AP stuff should be normal untagged LAN.
I have a network on my UDM Pro for the tagged VLAN, including DHCP server.
*Importantly*, with the downlink port profile on the UDM Pro set to VLAN 2 *only*, and *without* the DDWRT in the middle, the wired device correctly gets an IP from the VLAN DHCP. So my UDM Pro is working as expected.
I now want to put the switch (DDWRT) in the middle. All ports, normal LAN, but one port for this device to get an IP on the tagged VLAN.
The UDM Pro uplink is now delivering "All" (which I will narrow down later). I understood this to mean it would transit both tagged and untagged traffic, which is what I want since both will coexist on the DDWRT.

square_eyes
(167 rep)
Feb 6, 2022, 11:43 AM
• Last activity: Feb 7, 2022, 04:09 AM
0
votes
2
answers
858
views
How to block TV from accessing WAN through DD-WRT router
Can anyone tell me how I can block a TV that's on my wifi from accessing anything outside the LAN?
I do want the TV to be able to access local PCs however, so I can use its inbuilt apps to play videos from a local DLNA server on my HTPC.
But I don't want it to be able to access its firmware server, ad servers, or anything else outside my house.
My router is a TP-Link TL-WDR3600 v1 running DD-WRT v3.0-r46788 std.
localhost
(327 rep)
Oct 6, 2021, 01:22 AM
• Last activity: Feb 5, 2022, 04:05 AM
0
votes
1
answers
135
views
Getting network connectivity to two difficult rooms in my house with OpenWRT
I have a D-Link DIR-835 rev. A1 running OpenWRT as my wifi AP and also ethernet router. I have put the AP in a reasonably central location in my house given the limitations for it being near a cable entry point. But the two back rooms of my house get bad wifi signals; in one a device can connect but bandwidth can sometimes be bad, in the other room it is basically impossible to connect. I have racked my brain trying to figure out how I can get an ethernet cable to one or both of those rooms from the room with my AP but it would be very difficult. I **can** run an ethernet cable easily between the two rooms that are having problems.
I currently am addressing the problem with dd-wrt (because I could not find good OpenWRT support for this device) running on a Linksys E1200 v2 set to Client Bridge Mode in the room that gets OK wifi. Its router ports offer network to devices in that room and the other difficult room. This works OK for a while and then stops working well and I am mindful of the warning
> Client Bridge will never be as stable as any of those modes. It is by design a hack and not a true transparent bridge like WDS. It will cause connection problems for more than a single client.
So I am looking for a better solution.
What are my best options for getting network connectivity to these two rooms?
The dd-wrt page on Linking Routers suggests that Client Bridge is the worst choice from the available options (Repeater Bridge, WDS, Client, Repeater, AP or OLSR) and suggests that Repeater Bridge may be second worst choice. The dd-wrt wiki says that
>There is no repeater mode option on Qualcomm/Atheros devices
and my D-Link DIR-835 rev. A1 is Atheros hardware. The dd-wrt page also suggests that to use WDS I should have two AP/routers with the same chipset. I am not opposed to buying a second D-Link DIR-835 rev. A1 if that is my best option.
Does it help that the D-Link DIR-835 rev. A1 can broadcast at multiple frequencies?
I am citing the dd-wrt info pages because those are the best explanations I have found so far but my intent is to set up my solution with OpenWRT. For whatever solution is most highly recommended, I am looking for clear instructions please.
brett stevens
(101 rep)
Sep 20, 2021, 11:15 PM
• Last activity: Jan 27, 2022, 10:47 PM
10
votes
4
answers
40462
views
How can I block a specific URL on a DD-WRT router?
I've been looking everywhere for this. Does anyone know how to block a specific URL on a DD-WRT router? For example, I want to block `website.com/whatever` but not `website.com`, `blah.website.com`, or `website.com/blah`. Is there a way to do this, or can you only block the whole domain?
I tried adding the URL in question under Access Restrictions in the DD-WRT configuration but it doesn't seem to have any effect. Here are my settings:
and here is the list of clients:
I can still easily browse to google.com/imghp and google.com/images (which redirects to google.com/imghp) on my main PC with IP address 192.168.1.146.
On [this page](http://www.dd-wrt.com/wiki/index.php/Access_Restrictions) of the DD-WRT wiki, it says "Under Website Blocking by URL Address, enter in the domain name(s) you wish to block (if any)." This, in addition to posts on the DD-WRT forums, gives me the impression that you can only block domains under Access Restrictions in the DD-WRT setup.
I'm starting to wonder if this problem must be solved using iptables, or possibly by installing a proxy server on the router itself.
# EDIT #
User goli on the DD-WRT forums had this to say on the matter ([link](http://www.dd-wrt.com/phpBB2/viewtopic.php?t=161696#711928)):
> There's a Privoxy version that runs on DD-WRT quite well. I just installed it.
>
> Privoxy has a parameter "accept-intercepted-requests 1" that allows to use it as a transparent proxy.
>
> I added a single iptables rule that passes some web traffic requests to the proxy instead of directly routing it:
>
>     iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -s 192.168.0.128/255.255.255.224 -j DNAT --to 192.168.0.1:8118
>
> Privoxy has so called "actionfiles." Those define what to do when a request URL matches a given regular expression. One of the possible actions is "block."
Since then, I've been working on figuring out how to install Privoxy on the router. It's rather complicated, especially since I don't have enough spare flash memory to install it via SSH using ipkg. (See [this question](https://superuser.com/questions/259792/how-to-install-a-program-on-a-ddwrt-hacked-router) on Super User.)
My second approach is to use the Firmware Modification Kit, which you can read about [here](http://www.dd-wrt.com/wiki/index.php/Development). I've had some difficulty flashing a custom build, but once I get it all sorted out I'll post my results here.


Big McLargeHuge
(3296 rep)
Sep 9, 2012, 06:22 AM
• Last activity: Jan 19, 2022, 10:06 AM
0
votes
1
answers
1341
views
OpenWRT: Reconnect/Unbrick Archer A7 v5 (similar to C7)
I've configured the `Archer A7 v5` to work with OpenWRT and it worked fine. I've used the TFTP method. Last week I tried to install a firewall on the run. After trying different methods, I found [this guide][1], copy-pasted it -- see the print-screens below -- and since then the router is not accessib...
I've configured the `Archer A7 v5` to work with OpenWRT and it worked fine. I've used the TFTP method.
Last week I tried to install a firewall on the run. After trying different methods, I found this guide, copy-pasted it -- see the print-screens below -- and since then the router is not accessible anymore. I mean: it starts, it shows that the wifi and the ethernet-cable are activated. However, it does not attribute any IP address regardless if you connect by ethernet or wifi.
I know, I should not carelessly copy-paste if I do not understand exactly what I'm doing. However, I relied on being able to reset and restart everything.
What I've tried
After failing to connect by `ssh` or `web-gui` I've tried to reinstall the firmware via `FTP`-method. It doesn't work. Since I've done the initial installation 6 months ago I'm not sure if I might be missing some detail. Additionally I moved from Debian to Arch-Linux and maybe there are some differences inside the network settings of my PC.
Also the OpenWRT DD-WRT pages are somewhat contradictory about the specific settings. Like the required IP-address: a, b.
Do you have some idea/experience about how to resolve the problem?



alex
(1023 rep)
Nov 19, 2020, 08:17 PM
• Last activity: Aug 31, 2021, 10:49 PM
0
votes
0
answers
528
views
Compatible custom firmware for TL-MR3220 V2 with upgraded 8/64MB memory
First bit of background: I have been using OpenWrt since 2015 on TL-MR3220 V2 with 4/32MB memory. It was running great. Recently, after buying a MI 4A gigabit router I stopped using the TP-Link router. With Mi router, I was able to add USB storage for a mini nas type solution. But last month I manage...
First bit of background:
I have been using OpenWrt since 2015 on TL-MR3220 V2 with 4/32MB memory. It was running great. Recently, after buying a MI 4A gigabit router I stopped using the TP-Link router. With Mi router, I was able to add USB storage for a mini nas type solution. But last month I managed to fry the USB port of the Mi router. Now it can't access USB storage.
After that incident, a few days have gone by and I had an idea to use my old tl-mr3220 V2 for network storage as it has a USB port and runs OpenWrt. But quickly I found out that I can't install the USB storage package because of the limited 4/32MB memory. So I searched for solutions and found that I can change the flash and ram chip. So I bought a new 8MB flash and 64MB ram chip. Flashed the new 8MB chip with the old 4MB chip dump using a ch341a programmer. The router started successfully but the wireless was not working and I couldn't connect to the Internet with the router. As a result, I could not download the kmod USB storage package.
So I kept searching for solutions and found this solution. This worked. But the router became extremely unreliable to the point where it is not useable for anything.
My Questions:
1. Is there anything I have done wrong, or didn't do, or should have done to make the router reliable?
2. Is there any other easy way to do this?
3. Should I migrate to a different aftermarket firmware? If yes, which one will be able to achieve my goal?
If there is no other way, as the last option I'll attempt to make a custom OpenWrt build. But, I think, that will be very hard for me as I have never done anything like that and don't know how it works.
Sorry for the mistakes. If you can't understand something please ask me.
Shohidul Alam
(101 rep)
Aug 11, 2021, 06:48 PM
Showing page 1 of 20 total questions