1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Firewall ?

Discussion in 'HD/HDR-FOX T2 Customised Firmware' started by TomT, Jan 24, 2012.

  1. TomT

    TomT Member

    Hi

    Is there any firewall in the HDR-T2 ??

    I'd like to block access to my box from a set of IP addresses.
    So Block everything from 192.168.1.3-30

    Thanks for your advice.
     
  2. Wallace

    Wallace Slightly Pickled

    I'm not 'well up' on this, but can't that be done via your router?
     
  3. TomT

    TomT Member

    Yes and no... Yes for external access, no for the office to home openvpn link..
    I was hoping I can do some on the box !
     
  4. Black Hole

    Black Hole Felinos Guru

    The short answer is "no"... but there may be something that could be done through a custom package. If you can identify a Linux utility that achieves what you want, put it up for porting to the Humax.
     
  5. TomT

    TomT Member

    Thanks..

    Netfilter/iptables does what I need:

    netfilter.org is home to the software of the packet filtering framework inside the Linux 2.4.x and 2.6.x kernel series. Software commonly associated with netfilter.org is iptables.

    http://www.netfilter.org/

    How do we get this ported ?
     
  6. jack616

    jack616 Member

    I asked about this before I started recommending Humaxes (I help out with local dissability issues) and was advised not to connect
    them to local networks as they could present security hazards. (As could the random connection of TV's/bluray players etc)
    These issues seem to be completely ignored.
    I did ask online somewhere if there was firewall support (cant remember if I asked here or elsewhere)

    My point is - I'm seconding the request for firewall - ideally everything blocked until an IP address AND port AND protocol is specifically allowed.
    ARP, most UDP and other protocols should also be dissabled. Personally I'd like to see all IPV6 blocked permanently.

    Anyway - Whatever the details it would be nice if someone could look into it.
     
  7. sooty83

    sooty83 Member

    You can put devices that you want to limit access to behind their own router. This has the added benefit of working even if the device in question is a black box whose internals are not accessible.
     
  8. xyz321

    xyz321 Well-Known Member

    The netfilter/iptables option doesn't look very straight forward. It would require a kernel change. I don't think anyone has yet managed to load a new fully working kernel onto the box.
     
  9. af123

    af123 Administrator Staff Member