And if so, can you set up your own service to remove their iptables rule after it's been added or otherwise counteract it?
At least temporarily, anyways.

-Neil

On Wed, Oct 28, 2020 at 4:26 PM Ryan Hamel <r...@rkhtech.org> wrote:

> I'm curious to know why they would add such a thing, and how you got the
> iptables rules from the device. Do these Asus routers provide SSH directly
> into the shell?
>
> Ryan
> On Oct 28 2020, at 11:33 am, Anurag Bhatia <m...@anuragbhatia.com> wrote:
>
> Hello,
>
> Wondering if anyone from Asus is here, or anyone who could connect me to the
> developers there?
>
> Using Asus RT-AC58U in Access Point (AP) mode and expect it to simply
> bridge wired with wireless but seems like it's re-writing DNS packets'
> source as well as the destination.
>
> 1. DNS port 53 traffic going out, the source is re-written with the
> management IP of the AP on the LAN. So virtually all DNS traffic hits the
> router from the (management) IP of the Asus AP instead of real clients.
>
> 2. If I define DNS as x.x.x.x on DHCP, the Asus AP picks that up and
> re-writes destination to x.x.x.x and hence even if any client uses y.y.y.y,
> the packets are simply re-written.
>
> I see the rule in iptables on Asus AP. All these issues give an idea that
> someone created AP mode (besides regular routing mode) and missed
> disabling the DNS-related NATing features in the AP mode. So far my
> discussions with their support have been going quite slow and would greatly
> appreciate if someone could connect me to the right folks in there so they can
> release a firmware fix for it.
>
> Thanks.
>
> --
> Anurag Bhatia
> anuragbhatia.com
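
An added example, not part of the thread: a small Python audit that scans `iptables-save` output for nat-table rules that explicitly match port 53, which is the kind of DNS source and destination rewriting the original report describes. The sample dump, its addresses and the function names are constructed for illustration and are not taken from any Asus device.

```python
import shlex

# Constructed iptables-save excerpt (illustrative only, not from a real device).
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i br0 -p udp -m udp --dport 53 -j DNAT --to-destination 192.0.2.1:53
-A PREROUTING -i br0 -p tcp -m tcp --dport 53 -j DNAT --to-destination 192.0.2.1:53
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A POSTROUTING -p udp -m udp --dport 53 -j SNAT --to-source 192.0.2.2
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
"""

NAT_TARGETS = {"DNAT", "SNAT", "REDIRECT", "MASQUERADE"}
PORT_OPTS = {"--dport", "--dports", "--sport", "--sports"}

def covers(spec, port=53):
    """True if a port spec such as '53', '53,853' or '50:60' includes `port`."""
    for part in spec.split(","):
        lo, _, hi = part.partition(":")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def dns_nat_rules(dump):
    """Return (chain, target, rewrite) for nat rules that explicitly match port 53."""
    findings, table = [], None
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):          # table header, e.g. "*nat"
            table = line[1:]
        if table != "nat" or not line.startswith("-A "):
            continue
        tok = shlex.split(line)
        opts = {tok[i]: tok[i + 1] for i in range(len(tok) - 1) if tok[i].startswith("-")}
        dns = any(t in PORT_OPTS and tok[i - 1] != "!" and covers(tok[i + 1])
                  for i, t in enumerate(tok[:-1]))
        if dns and opts.get("-j") in NAT_TARGETS:
            rewrite = (opts.get("--to-destination") or opts.get("--to-source")
                       or opts.get("--to-ports") or "(interface address)")
            findings.append((tok[1], opts["-j"], rewrite))
    return findings

if __name__ == "__main__":
    for chain, target, rewrite in dns_nat_rules(SAMPLE):
        print(f"{chain}: {target} -> {rewrite}")
```

To check a real device, pass the text of its `iptables-save` output to `dns_nat_rules`; a blanket NAT rule with no port match also rewrites DNS traffic but is not flagged by this check.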