I use firewall->Traffic rules to completely block outgoing port 80 traffic on certain workstations. I am using MAC address as an identifier. Now I need to whitelist couple of domains. How do I do that? In addition, is it possible to block certain domains on those workstations regardless of ports? I can also block all traffic (web traffic on 80 and 443) and just whitellist certain domains regardless of ports if that is easier to implement.
This cannot be for the entire home subnet, just those workstations. I cannot segment using vlans as target workstation is sharing a folder and using a network printer.
Thanks @lleachii I like the suggestion. Workstation is running win10 I do not want to touch the internal network that is running fine. I would rather work with the firewall.
What is the sequence? Block first then allow (put holes) or allow first and then block rest? I am using the GUI/Luci interface right now. Can I block all the traffic in traffic rules GUI for 80 and 443 and run the script to whitelist just a few?
Where does the script run? Is it a shell script? Is it in the custom rules? Can you please provide a sample to whitelist https://www.raspberrypi.org/ as an example?