Hello there!
I have several (smarthome) devices that phone home while that is not necessary due to local integration. To block devices from accessing the internet I usually use the 'Block Internet Access' function in the GUI.
It seems this function uses DROP to block access. The smarthome devices do not like this approach, which results in disconnects. Using REJECT should solve this problem, which is why I created custom iptables rules (/jffs/scripts/firewall-start). The problem is, they do not work. Could someone have a look at what I'm missing here?
iptables -A FORWARD -s 10.0.0.69 -o lo -j ACCEPT
iptables -A FORWARD -s 10.0.0.69 -d 10.0.0.0/24 -j ACCEPT
iptables -A FORWARD -s 10.0.0.45 -o lo -j ACCEPT
iptables -A FORWARD -s 10.0.0.45 -d 10.0.0.0/24 -j ACCEPT
iptables -A FORWARD -s 10.0.0.69 -j REJECT
iptables -A FORWARD -s 10.0.0.45 -j REJECT