If I understand the notes in /etc/config/firewall I should be able to put something like the following in /etc/firewall.user to block these specific addresses on my LAN from the internet. Ideally I would like to isolate them as much as possible. Will this work, if not what do I need to do?
iptables is beyond my skill level so I would appreciate any help.
Bob # do not allow a specific ip to access wan config rule option src lan option src_ip 192.168.1.8 option dest wan # option proto tcp option target REJECT config rule option src lan option src_ip 192.168.1.48 option dest wan # option proto tcp option target REJECT -- Bob Goodwin - Zuni, Virginia, USA http://www.qrz.com/db/W2BOD box10 FEDORA-23/64bit LINUX XFCE POP3 _______________________________________________ openwrt-users mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
