; *From:* NANOG *On Behalf Of *Anurag
> Bhatia
> *Sent:* Thursday, 5 November 2020 7:03 am
> *To:* NANOG Mailing List
> *Subject:* {Disarmed} Re: Asus wifi AP re-writing DNS packets
>
>
>
> Hello
>
>
>
>
>
> An update on this issue:
>
>
>
> Going th
to rule it all world.
>
>
>
>
>
>
>
> *From:* NANOG *On Behalf Of *Anurag
> Bhatia
> *Sent:* Thursday, 5 November 2020 7:03 am
> *To:* NANOG Mailing List
> *Subject:* {Disarmed} Re: Asus wifi AP re-writing DNS packets
>
>
>
> Hello
>
>
>
&g
: {Disarmed} Re: Asus wifi AP re-writing DNS packets
Hello
An update on this issue:
Going through (long) Asus support channel, they first agreed that this was
intentional to make router.asus.com <http://router.asus.com> work but did take
my request to make that optional. The
Hello
An update on this issue:
Going through (long) Asus support channel, they first agreed that this was
intentional to make router.asus.com work but did take my request to make
that optional. They have issued me a test firmware which so far seems to be
working perfectly with no-rewriting
Hi Alarig
I tried that but somehow DNS traffic still does not work. I tried adding
rules in prerouting as well and still no impact.
anurag@RT-AC58U:/tmp/home/root# iptables -t nat -L PREROUTING -v -n
Chain PREROUTING (policy ACCEPT 25 packets, 3147 bytes)
pkts bytes target prot opt in
On Thu 29 Oct 2020 02:10:25 GMT, Anurag Bhatia wrote:
> I tried deleting the rule and it drops the traffic completely. So DNS
> resolution stops working and I am unsure why. It's not like default drop or
> anything. I can edit the rule and whatever active port 53 related rule is
> there works. But
On Wed, Oct 28, 2020 at 1:57 PM Anurag Bhatia wrote:
> No such feature when running in AP mode. AP mode gives options of wireless
> settings (SSID etc) and IP for management of the device.
I don't know about this case but I've occasionally noticed devices
where you have to put the device into
No such feature when running in AP mode. AP mode gives options of wireless
settings (SSID etc) and IP for management of the device.
On Thu, Oct 29, 2020 at 2:17 AM TJ Trout wrote:
> Have you tried disabling the 'redirect when wan down' feature? I'm
> guessing they hijack the dns to redirect
Have you tried disabling the 'redirect when wan down' feature? I'm guessing
they hijack the dns to redirect the user to a captive portal "your internet
is down" error page possibly?
On Wed, Oct 28, 2020 at 1:42 PM Anurag Bhatia wrote:
> I tried deleting the rule and it drops the traffic
I tried deleting the rule and it drops the traffic completely. So DNS
resolution stops working and I am unsure why. It's not like default drop or
anything. I can edit the rule and whatever active port 53 related rule is
there works. But I want case of no such rule at all. :-)
I setup pihole on
And if so, can you set up your own service to remove their iptables rule
after it's been added or otherwise counteract it.
At least temporarily, anyways.
-Neil
On Wed, Oct 28, 2020 at 4:26 PM Ryan Hamel wrote:
> I'm curious to know why they would add such a thing, and how you got the
>
I'm curious to know why they would add such a thing, and how you got the
iptables rules from the device. Do these Asus routers provide SSH directly into
the shell?
Ryan
On Oct 28 2020, at 11:33 am, Anurag Bhatia wrote:
> Hello,
>
> Wondering anyone from Asus here or anyone who could connect me
Hello,
Wondering anyone from Asus here or anyone who could connect me to the
developers there?
Using Asus RT-AC58U in Access Point(AP) mode and expect it to simply bridge
wired with wireless but seems like it's re-writing DNS packets source as
well as the destination.
1. DNS port 53 traffic
13 matches
Mail list logo
