cancel
Showing results for 
Search instead for 
Did you mean: 

Netgear DG834N Service / Schedule Problems?

God
Grafter
Posts: 1,112
Registered: ‎30-07-2007

Netgear DG834N Service / Schedule Problems?

I am trying to block net access during certain periods using the Netgear schedule and rule functions. I have defined a rule blocking all outbound services and scheduled a period for this to take place.
While this seems to work perfectly well blocking web access and email at the appropriate times for some reason MSN Messenger is being blocked 24/7. To allow its use again I have to turn off the rule.
Does anyone know why it behaves differently to any other service and why the Netgear is blocking outside of the required times?
7 REPLIES 7
Swift
Dabbler
Posts: 23
Registered: ‎27-11-2007

Re: Netgear DG834N Service / Schedule Problems?

You need to permit inbound ports 5190 UDP, 6891-6900 TCP same as for file transfer, Port 6901 UDP & TCP used for voice and port 1863 TCP & UDP which is the trigger Port, guess that may be blocked?
God
Grafter
Posts: 1,112
Registered: ‎30-07-2007

Re: Netgear DG834N Service / Schedule Problems?

Hi Swift
I am not sure I understand that. I am finding that MSN messenger is fubared while the stop all outbound services rule is not scheduled to run. Surely if I make exceptions for those ports that means that messenger will still run even when the schedule makes the rule active.
I just want a rule that stops all communication when the schedule kicks in and allows all when it ends.
I don't see why the SERVICE (ALL) ACTION (BLOCK by schedule, otherwise allow) rule doesn't stop or allow all traffic but appears to block some when it should be allowing all.
samuria
Grafter
Posts: 1,581
Thanks: 3
Registered: ‎13-04-2007

Re: Netgear DG834N Service / Schedule Problems?

How does the netgear know what time it is? There is no clock so it cant know the only way it can know is to use time service which means it must have outbound connection to get this info?
It may get it initially and then loose it after some time. This doesnt explain MSN which is a funny thing at the best of times.
MSN seems to work even when dns is down so maybe its something to do with dns. If it block access by denying dns it would block everything but MSN
God
Grafter
Posts: 1,112
Registered: ‎30-07-2007

Re: Netgear DG834N Service / Schedule Problems?

The Netgear does know what time it is. Either it has a clock or takes the time from a PC. I just disconnected it from the telephone line the 'clock' on the schedule page continued to update.
Web blocking works just fine using ALL and the schedule it is only MSN that is the problem.
I take your point about DNS. Maybe I will try just blocking Web and MSN individually, perhaps blocking all is over zealous!
Not applicable

Re: Netgear DG834N Service / Schedule Problems?

Quote from: God
The Netgear does know what time it is. Either it has a clock or takes the time from a PC. I just disconnected it from the telephone line the 'clock' on the schedule page continued to update.

Once connected to the net it uses an NTP server to update its time.
If you look at the logs when you first turn it on after a reset, you'll notice the logs start with the wrong date/time, then once the connection is made, the time corrects itself.
IIRC Netgear hardcoded the NTP to point to an individual or small businesses NTP server, resulting in huge bandwidth bills as more and more of their products hit the market.
Could be an urban myth though - I'll see what I can dig up.
Not applicable

Re: Netgear DG834N Service / Schedule Problems?

Ah, slightly wrong on the details, but relatively close on the issue;
Quote
The first widely known case of NTP server problems began in May 2003, when NETGEAR's hardware products flooded the University of Wisconsin-Madison's NTP server with requests. University personnel initially assumed this was a malicious distributed denial of service attack and took actions to block the flood at their network border. Rather than abating (as most DDOS attacks do) the flow increased, reaching 250,000 packets-per-second (150 megabits per second) by June. Subsequent investigation revealed that four models of NETGEAR routers were the source of the problem. It was found that the SNTP (Simple NTP) client in the routers has two serious flaws. First, it relies on a single NTP server (at the University of Wisconsin-Madison) whose IP address was hard-coded in the firmware. Second, it polls the server at one second intervals until it receives a response. A total of 707,147 products with the faulty client were produced.
NETGEAR has released firmware updates for the affected products (DG814, HR314, MR814 and RP614) which query NETGEAR's own servers, poll only once every ten minutes, and give up after five failures. While this update fixes the flaws in the original SNTP client, it does not solve the larger problem. Most consumers will never update their router's firmware, particularly if the device seems to be operating properly. The University of Wisconsin-Madison NTP server continues to receive high levels of traffic from NETGEAR routers, with occasional floods of up to 100,000 packets-per-second. NETGEAR has donated $375,000 to the University of Wisconsin-Madison's Division of Information Technology for their help in identifying the flaw.

Taken from http://en.wikipedia.org/wiki/NTP_vandalism
God
Grafter
Posts: 1,112
Registered: ‎30-07-2007

Re: Netgear DG834N Service / Schedule Problems?

Fascinating but not relevant. As I said timing isn’t an issue I can block all services by schedule and they stop and start as advertised.
The issue I wanted help with is:
Why when a ‘stop all’ outgoing rule operated  by schedule ISN'T active does MSN not work.