Router Firewall question.

[Nightlord]

You know how you can create a HOST file, or place IP Addresses in your Restriced Zone and keep your computer from communicating with sites?
Well... I was wondering if there's a router that will save that information for it's own Firewall, thus keeping me from having to configure every computer on my home network. Basically, absolutely no traffic to or from said IP Addresses... blocked at the Router.

[drs1771]

I have a Linksys WRT54G (Wireless) and it supports Website blocking by URL address. I imagine any Linksys with this version of firmware does. I can't speak for other brands, but I know this particular model does.

[phelan1777]

I set up my girlfriends NetGear router, and there are options for blocking spefic IP,s sites with specific words, Instant messengers and a few other neat additives.

[cat5e]

The capacity of the Entry Level Routers to do so is limited to few addresses.

So depending on what you want to block using the Host file is much more flexible.

There are simple free programs that help in editing the Host file and you can easly copy it across you Network to each computer.

http://www.mvps.org/winhelp2002/hosts.htm

[Nightlord]

Pfft! I'm not a n00b... I know how to work a HOST file, and how to add sites to the restricted area by REG file. However, MY computers are not the only ones which use my home network- Lan gaming, ect. Also, if I decide to wipe my computer I don't want to have to worry with backing up my HOST file every time, ect.
To me, it's much easier to just block the crap at the Router and forget about it.
I'll look into the Routers mentioned above, thanks guys.

[pudad]

Pfft! I'm not a n00b... I know how to work a HOST file, and how to add sites to the restricted area by REG file. However, MY computers are not the only ones which use my home network- Lan gaming, ect. Also, if I decide to wipe my computer I don't want to have to worry with backing up my HOST file every time, ect.
To me, it's much easier to just block the crap at the Router and forget about it.
I'll look into the Routers mentioned above, thanks guys.

News flash, host files are for newbs.

Go find an old box, install openbsd, and learn some of the rules for there PF firewall. Basically something like this would do (say the website you don't like is at 67.123.0.34):

block out on $ext_iface from any to 67.123.0.34

So I'd suggest learning this sort of thing, or buying a linksys wrt54g (the only good home solution if you as me, cisco owns linksys, and it runs linux, so it is a great router).

Another good choice (a compromise between running nix on an old box as a router and having the more easy setup off the shelf router) is the m0n0wall project.

Google is your friend.

Good Luck dude.

[Nightlord]

lol. I'm not learning Linux... again. (EDIT: When I say 'again' I mean back in the mid-90's. Right about the time Win95 came out and put me to SERIOUS work as a computer geek. Linux, however, was just for playing with as most games didn't run on it even then.) When Linux gets more support for games, I'll make the move. Until then, I'm perfectly happy with Windows XP Pro. I haven't had spyware or a virus in a long time. Partly because of the n00b Hosts files I have on each machine, my Virus Scanner and Zonealarm firewall. Using another computer in such a way would be a waste to me... I look the kudos for "passing down" my old rigs. <GRIN>
Inputting forbidden IPs directly into my router seems the best solution.

[pudad]

lol. I'm not learning Linux... again. (EDIT: When I say 'again' I mean back in the mid-90's. Right about the time Win95 came out and put me to SERIOUS work as a computer geek. Linux, however, was just for playing with as most games didn't run on it even then.) When Linux gets more support for games, I'll make the move. Until then, I'm perfectly happy with Windows XP Pro. I haven't had spyware or a virus in a long time. Partly because of the n00b Hosts files I have on each machine, my Virus Scanner and Zonealarm firewall. Using another computer in such a way would be a waste to me... I look the kudos for "passing down" my old rigs. <GRIN>
Inputting forbidden IPs directly into my router seems the best solution.

Don't be idiotic. You aren't playing games on your nat/firewall box. Just go get one of those wrt54g routers.

[Nightlord]

Ok, I found some information on OpenWRT... way over my head.
It sounds pretty badass in that it adds real funtionality to the Router... but I have absolutely no idea how to configure, compile, install it. Anyone know if there's a "ready-made" package to simplify the install and get it up and running?

[pudad]

Ok, I found some information on OpenWRT... way over my head.
It sounds pretty badass in that it adds real funtionality to the Router... but I have absolutely no idea how to configure, compile, install it. Anyone know if there's a "ready-made" package to simplify the install and get it up and running?

I've used a fair ammount of the openwrt stuff. It is easy as hell, they literally do everything for you. All you have to do is install it (you gotta tftp it while it boots), no code hacking, nothing. Then when you finish installing it, there is this package system that lets you install plenty of stuff. I have it installed on one of my wrt54gs (used it for a school project last year, fun to work with), but my other 3 or 4 have the stock cisco firmware. The webconfiguration on the stock firmware has most of what an average person would need to configure (QoS, port forwards, blocking specific addresses). I'm telling you, just go buy the wrt54g and use the stock stuff, which works fine. The custom stuff is good if you want to configure the vlans, setup OSPF routing (rather than RIP protocol, which comes with it), or ipsec. But for the average firewall router, you are fine with the default stuff.