Block ports for specific IP on LAN

I can't seem to figure this out...

Adding a discard forward rule in traffic rules does not work. Also tried adding the following as well to /etc/firewall.user:
iptables -I FORWARD -d 192.168.123.55 -p tcp/udp --dport 0:65535 -j DROP

Try -s instead of -d.

Thanks, doesn't work... I don't seem to be able to block anything on LAN

You can't block something that doesn't traverse the firewall.

Use LuCI to explicitly block zones LAN to WAN in order to test.

4 Likes

Thanks for this. Yes, makes sense.
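
Added example, not part of the original thread: a POSIX shell check of whether traffic from a LAN host to a given peer would be routed through the FORWARD chain at all, printing the DROP rules only when it would. The function names and the 203.0.113.10 peer are hypothetical; it assumes hosts in the same LAN subnet are switched/bridged and never routed, and it emits one rule per protocol because iptables `-p` takes a single protocol, not `tcp/udp`.

```shell
#!/bin/sh
# Added example: helper names are hypothetical; rules are printed, not applied.

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# same_subnet HOST PEER PREFIXLEN: true when both sit in the same subnet,
# i.e. the packet is delivered on the LAN segment and is never routed.
same_subnet() {
    mask=$(( (0xFFFFFFFF << (32 - $3)) & 0xFFFFFFFF ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$2") & mask )) ]
}

# block_rules HOST PEER PREFIXLEN [PORTS]
# Prints FORWARD rules dropping traffic sourced from HOST, or explains why
# no FORWARD rule can match (assumption: same-subnet traffic is not routed).
block_rules() {
    ports=${4:-0:65535}
    if same_subnet "$1" "$2" "$3"; then
        echo "# $1 -> $2: same /$3 subnet, does not traverse the firewall"
        return 1
    fi
    for proto in tcp udp; do
        echo "iptables -I FORWARD -s $1 -p $proto --dport $ports -j DROP"
    done
}

# Constructed sample input: the host from the thread and two peers.
block_rules 192.168.123.55 192.168.123.10 24 || true   # LAN to LAN
block_rules 192.168.123.55 203.0.113.10 24             # LAN to WAN
```
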