1 WAN 3 LAN - Blocking LAN ports from each other.
-
Here's my setup
WAN - Cable modem
LAN - 192.168.1.0/24
OPT1 - 10.0.0.0/24
OPT2 - 172.0.0.0/24I want to block traffic from going across the LAN ports but still be able to access the internet via the WAN port
I have setup firewall rules to block each others subnet, but it does not seem to do anything.
Im running 1.0 Beta 2 -
Make sure the rules order is correct (first match). However, without seeing your rules we can't really help you.
-
Make sure the rules order is correct (first match). However, without seeing your rules we can't really help you.
LAN
Proto Source Port Destination Port Gateway Description- OP1 net * * * * Block OP1
* OP2 net * * * * Block OP2 - LAN net * * * * Lan to Any
OP1
Proto Source Port Destination Port Gateway Description- LAN net * * * * Block LAN
* OP2 net * * * * Block OP2 - OP1 net * * * * OP1 to Any
OP2
Proto Source Port Destination Port Gateway Description- LAN net * * * * Block LAN
* OP1 net * * * * Block OP1 - OP2 net * * * * OP2 to Any
Those are the rules i have set for each port
- OP1 net * * * * Block OP1
-
Yeah, those are wrong.
at LAN:
block, proto any, source any, destination OPT1 subnet
block, proto any, source any, destination OPT2 subnet
pass, proto any, source lan subnet, destination any (default LAN to any)at OPT1:
block, proto any, source any, destination LAN subnet
block, proto any, source any, destination OPT2 subnet
pass, proto any, source OPT1 subnet, destination anyat OPT2:
block, proto any, source any, destination LAN subnet
block, proto any, source any, destination OPT1 subnet
pass, proto any, source OPT2 subnet, destination anyYou always block incoming traffic at an interface.