FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
+2 votes
1,936 views 1 comments
by

Hi, I would like to block Google Update services (they are running on 5228, 5229 and 5230). What is te best way of doing that on this router?

2 Answers

+1 vote
by anonymous
Hello,

To block ports 5228, 5229 and 5230 on Teltonika router please navigate to Network -> Firewall -> Traffic Rules in router's WebUI.

Then add new traffic rule and specify ports which need to be block and set Action field to "drop".

More information regarding traffic rules could be found in teltonika wiki:

https://wiki.teltonika.lt/index.php?title=Firewall#Traffic_Rules
Best answer
+1 vote
by anonymous
Hello,

I'd like to suggest you a different solution: instead of blocking ports, you could block dns requests made for  resolving names used for google update service. Using tcpdump from RUT950 console you can intercept requests for ggpht.com, android.clients.google.com and play.google.com; then take the hex strings corresponding to each domain and compose the rules for iptables using string module:

iptables -t mangle -A POSTROUTING -m string  --algo bm --hex-string '|676770687403636f6d|' -j DROP

iptables -t mangle -A POSTROUTING -m string  --algo bm --hex-string '|616e64726f696407636c69656e747306676f6f676c6503636f6d|' -j DROP

iptables -t mangle -A POSTROUTING -m string  --algo bm --hex-string '|706c617906676f6f676c6503636f6d|' -j DROP

then put the them in the firewall custom rules.

For example ggpht.com corresponds in tcpdump to ggpht?com that in hex corresponds to 676770687403636f6d. The strings in the rules are closed in single quotes and pipes.

I hope that this can be util.
by anonymous
This would also work.

However, this type of packet analysis would slow down the router's data transfer speed a bit and considerably up the CPU load numbers.