I am trying to block all direct WAN traffic to a certain Win10 machine with the following rule. I have privoxy set up on another machine and the web traffic is directed through that using the Windows proxy setting. It is working. But now I want to keep certain ports open for email, e.g. 587, and another custom application. How do I do that?
Can you please elaborate? Am I going to put the allow rule before the drop rule for that device in the text file? Or is it later? Block everything then allow a few things?
I tried the following. It failed. I think that the failure is due to a missing inbound path for the SMTP handshake. What do I open just for this inbound handshake? Can I limit it to smtp.isp_server.com?
config rule
	option src_port '465'
	option src_port '465'
	option src 'lan'
	option proto 'tcpudp'
	option name 'outbound Email'
	option dest 'wan'
	option target 'ACCEPT'
	list src_mac '11:22:33:44:55:66'

config rule
	option src 'lan'
	option dest 'wan'
	option name 'BlockAllTraffic'
	list src_mac '11:22:33:44:55:66'
	option target 'DROP'
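
An added example, not part of the original post: a simplified Python model of ordered, first-match rule evaluation applied to the two rules above, comparing a `src_port` match with a `dest_port` match and both rule orders. The `Rule` class, the `verdict` function, the packet values and the default lan-to-wan ACCEPT are assumptions for illustration; reply packets are assumed to be handled by connection tracking and are not modelled.

```python
from dataclasses import dataclass
from typing import Optional

MAC = "11:22:33:44:55:66"  # the MAC used in the post

@dataclass
class Rule:
    name: str
    target: str                       # "ACCEPT" or "DROP"
    src_mac: Optional[str] = None     # None means "match any"
    src_port: Optional[int] = None
    dest_port: Optional[int] = None

    def matches(self, pkt: dict) -> bool:
        wanted = {"src_mac": self.src_mac, "src_port": self.src_port,
                  "dest_port": self.dest_port}
        return all(v is None or pkt[k] == v for k, v in wanted.items())

def verdict(rules, pkt, default="ACCEPT"):
    """First matching rule wins; otherwise the assumed zone default applies."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.target, rule.name
    return default, "zone default"

BLOCK = Rule("BlockAllTraffic", "DROP", src_mac=MAC)
# The rule as posted: it matches on the client's *source* port.
AS_POSTED = [Rule("outbound Email", "ACCEPT", src_mac=MAC, src_port=465), BLOCK]
# Same position, but matching the *destination* port of the mail connection.
DEST_PORT_FIRST = [Rule("outbound Email", "ACCEPT", src_mac=MAC, dest_port=587), BLOCK]
# Same two rules with the DROP listed first.
DROP_FIRST = list(reversed(DEST_PORT_FIRST))

# Constructed packets: a client picks an ephemeral source port per connection.
MAIL = {"src_mac": MAC, "src_port": 51514, "dest_port": 587}
WEB = {"src_mac": MAC, "src_port": 51515, "dest_port": 80}

if __name__ == "__main__":
    for label, rules in (("as posted", AS_POSTED),
                         ("dest_port, allow first", DEST_PORT_FIRST),
                         ("dest_port, drop first", DROP_FIRST)):
        print(f"{label:24} mail={verdict(rules, MAIL)} web={verdict(rules, WEB)}")
```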