Block traffic between interfaces?

Started by deanfourie, February 12, 2025, 11:29:37 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 12, 2025, 11:29:37 AM
So, I am really struggling with this.

I have 3 LAN interfaces, I am simple trying to block traffic between all of them. But it doesn't appear to be that simple.

On interface LAN, I am putting the following rules

BLOCK source ALL to destination LAN2 net ALL SERVICES
BLOCK source ALL to destination LAN3 net ALL SERVICES

I am doing the same on all interfaces for the respective networks. This seems to stop ICMP traffic, however I can still hit the router login page at the LAN2 and LAN3 gateway address from LAN1, so clearly for some reason this is not blocking HTTP/HTTPS traffic.

What am I missing here?

Thanks
February 12, 2025, 11:33:36 AM #1
There is an anti-lockout rule in the automatically generated rules. It can be disabled via "Firewall: Settings: Advanced" - but be careful not to lock yourself out.

Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
February 12, 2025, 12:19:43 PM #2
Quote from: meyergru on February 12, 2025, 11:33:36 AMThere is an anti-lockout rule in the automatically generated rules. It can be disabled via "Firewall: Settings: Advanced" - but be careful not to lock yourself out.



Thanks, I thought it might be the anti lockout rule but couldnt disable.

I will disable on all except the LAN interface.

Thanks
Print
Go Up Pages1
User actions