config rule
    list dest_ip '13.107.42.12'
    option name '1drv.ms'
    option dest 'wan'
    list src_mac 'XX:XX:XX:XX:XX:XX'
    list src_mac 'XX:XX:XX:XX:XX:XX' # mine
    option target 'REJECT'
    list proto 'all'
    option src 'lan'
Why is this rule not blocking requests from XX:XX:XX:XX:XX:XX to 13.107.42.12?
root@router:~# /etc/init.d/firewall status
active with no instances
EDIT 1: For some reason it's blocking now. I swear it wasn't blocking... I'll test it further.
EDIT 2:
After restarting the router, the firewall is working and requests are blocked. Why does a blocking rule require restarting the router?
@lleachii
I have a time restricted firewall rule.
What's the point of having a time restricted firewall rule if the firewall is applied on new connections?
Wouldn't someone be able to connect to the internet forever as long as they use the same connection?
Also note - there is a concept of Established and Related connections in the firewall - so a current connection at restart of the firewall would already be Established and hence, allowed.
(My bad, I thought that part was already explained/understood.)
BTW, it doesn't matter that it's a time rule - it seems the observation you're experiencing is because of your noting existing Established/Related connections during your test.
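As an added example (not part of the original thread): the Established/Related behaviour described above can be checked by listing connection-tracking entries whose original destination is the blocked address, since those flows were accepted before the REJECT rule existed. The sample table lines are constructed, the helper names are hypothetical, and `flush_flows` assumes the `conntrack` tool is installed on the router.

```shell
#!/bin/sh
# Added example, not from the thread. SAMPLE is constructed data in the
# /proc/net/nf_conntrack line format; every address except 13.107.42.12
# is made up for illustration.
SAMPLE='ipv4     2 tcp      6 7421 ESTABLISHED src=192.168.1.50 dst=13.107.42.12 sport=50112 dport=443 packets=14 bytes=3200 src=13.107.42.12 dst=203.0.113.7 sport=443 dport=50112 packets=12 bytes=9100 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 98 TIME_WAIT src=192.168.1.51 dst=13.107.42.120 sport=50200 dport=80 packets=6 bytes=700 src=13.107.42.120 dst=203.0.113.7 sport=80 dport=50200 packets=5 bytes=900 [ASSURED] mark=0 use=2
ipv4     2 udp      17 25 src=192.168.1.50 dst=192.168.1.1 sport=5353 dport=53 packets=1 bytes=70 src=192.168.1.1 dst=192.168.1.50 sport=53 dport=5353 packets=1 bytes=120 mark=0 use=2'

# Print tracked flows whose ORIGINAL-direction destination is exactly $1.
# Reads conntrack table lines on stdin.
tracked_flows() {
    awk -v ip="$1" '{
        proto = $3
        state = ($6 ~ /^[A-Z_]+$/) ? $6 : "-"   # UDP entries carry no state
        src = ""; dst = ""; dport = ""
        for (i = 1; i <= NF; i++) {              # first match = original tuple
            if      ($i ~ /^src=/   && src   == "") src   = substr($i, 5)
            else if ($i ~ /^dst=/   && dst   == "") dst   = substr($i, 5)
            else if ($i ~ /^dport=/ && dport == "") dport = substr($i, 7)
        }
        if (dst == ip) print proto, state, src, "->", dst ":" dport
    }'
}

# Delete tracked flows to $1 so their packets are no longer accepted as
# Established. Needs root; assumes the conntrack tool is installed.
flush_flows() {
    command -v conntrack >/dev/null 2>&1 || {
        echo "conntrack tool not found" >&2
        return 1
    }
    conntrack -D -d "$1"
}

# Offline demo on the constructed sample. On the router itself:
#   tracked_flows 13.107.42.12 < /proc/net/nf_conntrack
printf '%s\n' "$SAMPLE" | tracked_flows 13.107.42.12
```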