Can I restrict a port to special IPs from the internet

I am looking to use OpenWrt but need the option to restrict a port to certain IPs to come in from the internet. Is this possible.

Like I have an ftp server in my office and only want a few clients from the internet to be able to ftp in. I do not want any other IPs to try to brute force their way in.

Is that possible? How easy to manage if I want to add or remove IPs later from white list.

What area in the firewall settings handle it best.

Thank you

1 Like

I came here today to ask pretty much the same question. I have an HTTP server and Home Assistant running on my local network. I'd like to open them up to only my phone outside of the LAN, and no other device.

I have a feeling though that the real answer to this is "Learn how to use WireGuard".

I have no idea how to use WireGuard.

This is generally insecure and therefore discouraged.

Yes, that's it: