I'm trying to set a rule for what I believed would be the simplest thing but I'm still a little uncertain if I got it right.
I'm on 24.7.3_1.
I want to block a device on my LAN (I don't have VLANs yet) from accessing the internet. LAN network is 10.10.0.0/16.
I'm setting:
Action: Block
Quick: Checked "Apply the action immediately on match."
Interface: LAN
Direction: in
TCP/IP Version: IPv4
Protocol: any
Source / Invert: Unchecked ("Use this option to invert the sense of the match.")
Source: Single host or Network. 10.10.x.y / 32 <- Is this the right net mask?
Source port range: from:any to:any
Destination / Invert: Checked "Log packets that are handled by this rule" <- Due to setting Destination as LAN net, correct or not?
Destination: LAN net
Destination port range: from: any to: any
Log: Checked "Log packets that are handled by this rule"
I still see this device when looking at LAN traffic; it is a device that seems to be trying to call home. Maybe what I see in Reporting -> Traffic -> Top Talkers is before the firewall drops the packets?
Destination LAN net needs to be destination any. "The Internet" is "any IP address that is not local to your network".
Hmm, not with the destination inverted?
I was thinking that setting "any" would make it hard to get anything from this device (which is an IP camera so I want to get the video out).
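Added example, not part of any post above and not OPNsense code: a small Python model of how the block rule from the first post matches packets arriving on the LAN interface, comparing the three destination settings discussed in the thread. The camera address 10.10.5.20, the probe addresses, and the "allow LAN to any" rule placed below the block rule are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

LAN_NET = ipaddress.ip_network("10.10.0.0/16")   # LAN network stated in the post
CAMERA = ipaddress.ip_network("10.10.5.20/32")   # constructed stand-in for 10.10.x.y

@dataclass
class Rule:
    action: str                                   # "block" or "pass"
    src: Optional[ipaddress.IPv4Network] = None   # None means "any"
    dst: Optional[ipaddress.IPv4Network] = None   # None means "any"
    dst_invert: bool = False                      # the "Destination / Invert" checkbox
    quick: bool = True                            # first matching rule decides

    def matches(self, src: str, dst: str) -> bool:
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        src_ok = self.src is None or s in self.src
        dst_ok = self.dst is None or d in self.dst
        if self.dst_invert:
            dst_ok = not dst_ok
        return src_ok and dst_ok

def evaluate(rules, src, dst, default="block"):
    """Return the action for a packet arriving inbound on the LAN interface."""
    verdict = default                             # nothing matched: default deny
    for rule in rules:
        if rule.matches(src, dst):
            verdict = rule.action
            if rule.quick:
                break                             # quick: stop at the first match
    return verdict

ALLOW_LAN = Rule("pass", src=LAN_NET)             # assumed "allow LAN to any" rule

def ruleset(dst, dst_invert):
    # The block rule sits above the allow rule, as it must to take effect.
    return [Rule("block", src=CAMERA, dst=dst, dst_invert=dst_invert), ALLOW_LAN]

VARIANTS = {
    "dst = !LAN net (as posted)": ruleset(LAN_NET, True),
    "dst = LAN net, not inverted": ruleset(LAN_NET, False),
    "dst = any": ruleset(None, False),
}

if __name__ == "__main__":
    probes = [("10.10.5.20", "203.0.113.9"),      # camera -> outside host (constructed)
              ("10.10.5.20", "10.10.0.1"),        # camera -> address inside LAN net
              ("10.10.5.21", "203.0.113.9")]      # another LAN host -> outside host
    for name, rules in VARIANTS.items():
        print(name, [evaluate(rules, s, d) for s, d in probes])
```

Only packets that arrive on the LAN interface are evaluated by these rules; traffic between the camera and another host in 10.10.0.0/16 on the same switch is delivered directly and never reaches them.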