I'm trying to block a specific IP from my system behind an OpenWRT router.
Is this rule, which I want to add to /etc/config/firewall, correct?
config rule
	option src 'wan'
	option dest 'lan'
	option proto 'tcp'
	option family 'ipv4'
	option src_ip 'AA.BB.CC.DD'
	option dest_port '80 443'
	option target 'DROP'
	option name 'Block IP from the specific address'
	option start_time '00:00:00'
	option stop_time '23:00:00'
	option enabled '1'
where AA.BB.CC.DD is a specific IP address that I wanted to block from my web server, unless it's between 11pm - 12am, in which case, it's allowed to go through into the web server.
Just a side note: you might want to look into giving the MAC address of the device with that IP address a static DHCP assignment, as otherwise the critical machine might simply try to get a different address from the DHCP server to sidestep your attempt at controlling its internet access attempts. I note that this is only going to give partly more control, as that machine might use a different MAC address, but that will be a somewhat higher hurdle to clear.
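To check what the rule in the question does at a given time of day, here is a small model of its match fields and its start_time/stop_time window, as an added example that is not part of the original posts. It is a simplified sketch, not OpenWrt's firewall code: the inclusive window bounds, the exact-string address match and the 203.0.113.7 sample address are assumptions.

```python
import shlex
from datetime import time

# Constructed sample: the rule from the question, with the AA.BB.CC.DD
# placeholder replaced by a documentation address (203.0.113.7).
RULE_TEXT = """
config rule
	option src 'wan'
	option dest 'lan'
	option proto 'tcp'
	option family 'ipv4'
	option src_ip '203.0.113.7'
	option dest_port '80 443'
	option target 'DROP'
	option start_time '00:00:00'
	option stop_time '23:00:00'
	option enabled '1'
"""

def parse_rule(text):
    """Parse one UCI 'config rule' stanza into a dict of its options."""
    rule = {}
    for line in text.splitlines():
        parts = shlex.split(line)          # handles the quoted values
        if len(parts) == 3 and parts[0] == "option":
            rule[parts[1]] = parts[2]
    return rule

def in_window(rule, now):
    """True if 'now' falls in start_time..stop_time (bounds inclusive)."""
    start = time.fromisoformat(rule.get("start_time", "00:00:00"))
    stop = time.fromisoformat(rule.get("stop_time", "23:59:59"))
    if start <= stop:
        return start <= now <= stop
    return now >= start or now <= stop     # window wraps past midnight

def is_dropped(rule, src_ip, proto, dport, now):
    """Would this packet hit the rule's DROP target at time 'now'?"""
    return (rule.get("enabled", "1") == "1"
            and rule.get("target") == "DROP"
            and proto == rule.get("proto")
            and src_ip == rule.get("src_ip")
            and str(dport) in rule.get("dest_port", "").split()
            and in_window(rule, now))
```

With the values from the question, the model drops the address on ports 80 and 443 from 00:00 until 23:00 and lets it through for the remaining hour.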