Gargoyle Forum

Hi,

Could someone point me in the right direction for how I might stop any outbound traffic from a webcam to the internet? i.e. any packets from the webcam should only be routable to the local network or VPN.

Thanks

Does the webcam have an IP address? If so look up iptables and the openwrt firewall and create a rule.
If it doesn't, you still want to do a similar thing but matching he traffic becomes harder.

So something like this where 192.168.1.111 was the IP address of the webcam and eth0.2 is the wan device?
Also, I'd add this to /etc/firewall.user right?

Thanks for your time.

That looks right to me, but I'm not very good with firewall rules sorry!

Oh and you'll need to do a firewall restart after adding the rule.
/usr/lib/gargoyle/restart_firewall.sh

LOL, neither am I which is why I'm asking Will give it a try. Obviously a bit hard to test, but might try adding logging to the rule so that if it is ever detected I can hunt round to see what caused it (phone home or something else).

Thanks again.

Custom firewall rules are more of an openwrt thing. If you find you can't get the help you need here definitely have a search on their forums or their wiki. If it applies to openwrt it applies to gargolye (in general).

Also I edited my last post to mention that you need to restart the firewall after adding the rule.

Isnt this possible through the web interface? Under Firewall-> Restrictions

maybe

Does the webcam have an interface where you can set the address and gateway on it manually? No correct gateway, no outside world?