Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
735
Views
0
Helpful
3
Replies

RV180W - Max FirewallRules / .cfg file size

Alex_Romain
Level 1
Level 1

‎04-09-2019 12:54 AM - edited ‎04-09-2019 01:04 AM

Hi Community !

One of the networks we manage is being targeted by chinese hackers/spammers (tons of emails, brute force on every service possible, ...).
That network is equiped with a RV180W which is sufficient for day to day operations.
We decided to implement firewall rules to systematically block every connection originating from chinese networks (lists are available on sites such as : https://www.ip2location.com/free/visitor-blocker)
The list contains 7154 IP ranges to block which would be a real pain to add using the web interface.

I then decided to see if it wasn't possible to edit a exported .cfg file to inject the rules directly in a modified file and restore that file which works when .cfg checksum is set to '0'.

So I wrote a little script that converts the chinese ip ranges to the format used in the .cfg file and injected this into the file and then, imported the file (12Mo ...). The router got stuck and needed a manual poweroff-poweron cylce to restart.

My question is : What is the firewall rules quantity limit and/or .cfg file size limit ?

Thanks in advance !!!

BTW, I will be happy to make the script publicly available when those 'problems' will be fixed.

0 Helpful
3 Replies 3

Alex_Romain
Level 1
Level 1

‎04-09-2019 01:03 AM

here's what is logged :
Tue Apr 9 09:02:13 2019(GMT+0100) [rv180w][Kernel][KERNEL] [ 4542.990000] Out of memory: kill process 6923 (cgi) score 2042 or a child
Tue Apr 9 09:02:14 2019(GMT+0100) [rv180w][Kernel][KERNEL] [ 4542.990000] Killed process 6923 (cgi)
0 Helpful

Alex_Romain
Level 1
Level 1
In response to Alex_Romain

‎04-09-2019 08:12 AM - edited ‎04-09-2019 08:12 AM

Removing from the list networks with ranges smaller than 2048 nodes suppressed the 'out of memory' problem.

 

I now have 2586 Firewall rules :)

But I can't add any, using the web gui, I get a 'Can't add configuration to this table. Maximum limit reached.' error, what is that limit, is there something that can be done ?

0 Helpful

leecoxhouse1
Level 1
Level 1
In response to Alex_Romain

‎04-09-2019 09:56 AM

I guess you know software support is passed for the RV180 and RV180W routers.  There is one more year for hardware support.

Preview file
102 KB
0 Helpful
Customers Also Viewed These Support Documents