Block all WAN private networks but still route

Hello. I am using an OpenWRT as a test network attached to my own personal LAN, and monitoring all traffic through it for testing behavior of devices. Here is a basic map (I hope this doesn't get pwned)

I want to block MyLAN and allow access to the Internet.

Everything works currently, but I would like to broadly block all Private networks from OpenWRT using luci to make it easy to backup and restore settings from a single file. How would I make MyLAN transparent from the OpenWRT LAN but still allow routing from OpenWRT through MyLAN?

If you configured openwrt like in the above picture ( you need to change it you're likely to get duplicate IPs from myLan (/24 is a subset of /16). Use something like


+1 to @maurer 's comment... overlapping subnets will break routing.

However, once that is addressed, routing should work.
Then, to block access from the devices > RFC1918 addresses, you create a rule

drop (or reject)
all protocols
source zone lan
destination zone wan
destination addresses,,

Yes, since is not a valid network designation, that likely fouled up some things.

To get back to the premise of the original question, blocking the private IPs of your routers from guests does not cause a problem, even though they are gateways for the guests' path to the Internet. The blocking is based on the destination address in the packet. Routers holding a blocked IP can still be used as intermediate hops on the way to a permitted (Internet) destination.