I have been using my GL-A1300 router for some time and as I have gained more experience with advanced networking, I have decided to improve my home network. My GL router is connected to my modem through the WAN port on the router. An unmanaged switch and a secondary Linksys router are connected to the two LAN ports on the router. I am also running OpenWRT 21.02.
I am currently trying to learn how to use the OpenWRT firewall to drop ICMP packets coming from the WAN to the device itself. However, no matter what I do with the firewall settings, they don't seem to take effect. Rebooting or refreshing the firewall doesn't help either. I've been following tutorials, but I can't seem to get it to work. Can anyone give me some tips or suggestions on what I might be doing wrong?
What specifically have you tried? Your screenshot shows an unnecessary rule (block 80 and 443 from wan) as that's already the default state.
We need to see your complete firewall file to understand more...
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
This is completely on me and my ignorance; I thought that because I have a DDNS pointing to my IP that I could still ping my public IP from inside my network and it would think it was coming from outside the net, and that is why I was still able to ping the device. I switched to a hotspot and then tried to ping the IP and that's where it started blocking it. I appreciate your hasty reply, though.
Yes, if you ping the public IP of your WAN from inside your network, it is still inside your network, so the firewall rules that cover the lan zone will apply, not the wan zone.
Seems like you're all good now, though.
If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
