hi, thank you for reply.
I was inspired by openwrt documention, forum topics and luci created firewall rules.
i haven't seen config string like this before
can you share link to documentation or forum topic please?
i'm a little bit scared to take your advice without double checking because i don't want to lose access to remotely managed router a second time ;.)
ps i tried without success
config ipset
option name nov6
option family inet6
option match dst_net
option loadfile /tmp/nov6.lst
option enabled 1
config rule
option name nov6
option family inet6
option ipset nov6
option src lan
option dest wan
option target REJECT
option enabled 1
root@openwrt:~# service firewall reload
/dev/stdin:5412:48-52: Error: datatype mismatch, expected IPv6 address, expression has type IPv4 address
meta nfproto ipv6 meta l4proto tcp ip6 daddr @nov6 counter jump reject_to_wan comment "!fw4: nov6"
~~~~~~~~~ ^^^^^
nov6.lst file consists of ipv6 subnets, a subnet per single string
2001:4860::/32
2001:4860:4864::/48
...
etc
i'm using fw4