Making a Rule for WAN access ONLY
I would like to have a rule that allows OPT1->WAN traffic, but doesn't allow OPT1->LAN or OPT1->OPT2.
So a rule that would be something like
Source: OPT1 subnet
Destination: WAN only
Problem being that in 'destination' I can't select anything that would give me WAN "subnet"
Right now I solve it by having rules to block traffic from OPT1 to my other internal nets, and then an ALLOW from OPT1 to anything.
But this is not very elegant IMO
Is this the only way to do it, or am I missing something? :)
You're missing the aliases.
Create one that contains all your undesired subnets and make an "allow all BUT alias" rule for your OPT1 IF.
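
Added example, not part of the original posts: a small Python model of first-match rule evaluation that compares the block-then-allow rule set from the question with the single "allow all BUT alias" rule from the answer. The subnets, the alias contents and the function names are constructed assumptions; the model also shows that an internal network missing from the alias is passed by both rule sets.

```python
import ipaddress

# Constructed sample addressing (assumptions, not taken from the thread).
OPT1_NET = ipaddress.ip_network("192.168.30.0/24")
INTERNAL_NETS = [  # contents of the hypothetical alias
    ipaddress.ip_network("192.168.10.0/24"),  # LAN
    ipaddress.ip_network("192.168.20.0/24"),  # OPT2
]


def in_any(addr, nets):
    """True if addr falls inside any of the given networks."""
    return any(addr in net for net in nets)


def evaluate(rules, src, dst):
    """First matching rule wins; no match falls through to default deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_match in rules:
        if src in src_net and dst_match(dst):
            return action
    return "block"


# Rule set from the question: one block per internal net, then allow any.
BLOCK_THEN_ALLOW = [
    ("block", OPT1_NET, lambda d: d in INTERNAL_NETS[0]),
    ("block", OPT1_NET, lambda d: d in INTERNAL_NETS[1]),
    ("pass", OPT1_NET, lambda d: True),
]

# Rule set from the answer: a single pass rule with a negated alias.
ALLOW_NOT_ALIAS = [
    ("pass", OPT1_NET, lambda d: not in_any(d, INTERNAL_NETS)),
]

# Constructed destinations: LAN host, OPT2 host, two Internet hosts, and a
# host on an internal net that was never added to the alias.
SAMPLES = ["192.168.10.5", "192.168.20.9", "203.0.113.7",
           "198.51.100.1", "192.168.40.1"]


def compare(src="192.168.30.50"):
    """Return {dst: (question_result, answer_result)} for each sample."""
    return {d: (evaluate(BLOCK_THEN_ALLOW, src, d),
                evaluate(ALLOW_NOT_ALIAS, src, d)) for d in SAMPLES}
```
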