Limit WAN to connect to only one domain

I am using GL-MT300-V2. I am using a Mobile Data dongle for WAN connection with the 2 Ethernet ports set as LAN. WiFi disabled.
I want to limit the WAN to connect only to one domain e.g. , all other domains to be blocked.
On one LAN port is a Windows tablet PC and I only want one application to have Internet access to FTP data to a server (or via HTTP POST to the same server).

I would welcome advice on setting up suitable firewall rules. Currently there is a default set of rules from the GL install.

Firmware Version: OpenWrt 19.07.7 r11306-c4a6851c72 / LuCI openwrt-19.07 branch git-21.044.30835-34e0d65

Careful though, because you are trying to achieve the opposite of what is described in the guide.
You'll disable the lan->wan forwarding, and the firewall rule will allow the traffic from lan to this specific domain.

1 Like

Thanks. I will take a look. As you say I am reversing this. But must stay positive!!

Struggling to get my head around this.
Would an alternate strategy be to only permit outgoing FTP traffic? Would this be easier to implement?

If you can use IPs instead of DNS names, then you can allow outgoing access to just that specific IP.

Alternatively, allow the router to access DNS servers for IP verification, to be able to update the fw rule with a new IP when/if needed.

1 Like
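The approach suggested in the replies (disable lan->wan forwarding, allow one destination, and let the router re-resolve the name when its IP changes) could look like the following. This is an added example, not code from the thread or from GL.iNet/OpenWrt; the section name `allow_one_host`, the port list, and the assumption that `@forwarding[0]` is the default lan->wan forwarding are all illustrative and must be checked against `/etc/config/firewall` on the device.

```shell
#!/bin/sh
# Added example: pin LAN -> WAN traffic to the addresses of one server.
# Assumptions: zones "lan"/"wan", @forwarding[0] is the default lan->wan
# forwarding, RULE and PORTS are constructed values.
RULE=allow_one_host
PORTS="21 80"   # FTP control channel and HTTP

# Read nslookup output on stdin, print the IPv4 answers one per line.
# Lines before the first "Name:" describe the resolver and are skipped.
extract_ipv4() {
    awk '/^Name:/ { seen = 1; next }
         seen && /^Address/ && match($0, /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/) {
             print substr($0, RSTART, RLENGTH)
         }' | sort -u
}

# Print "uci batch" commands for the given IPs; fail if there are none,
# so a failed lookup never produces a rule without a destination.
render_batch() {
    [ "$#" -gt 0 ] || return 1
    cat <<EOF
set firewall.@forwarding[0].enabled='0'
set firewall.$RULE=rule
set firewall.$RULE.name='Allow-LAN-to-one-server'
set firewall.$RULE.src='lan'
set firewall.$RULE.dest='wan'
set firewall.$RULE.proto='tcp'
set firewall.$RULE.dest_port='$PORTS'
set firewall.$RULE.target='ACCEPT'
EOF
    for ip in "$@"; do
        echo "add_list firewall.$RULE.dest_ip='$ip'"
    done
}

# Run on the router (e.g. from cron): apply_rule <server host name>
apply_rule() {
    ips=$(nslookup "$1" | extract_ipv4)
    batch=$(render_batch $ips) || { echo "no address for $1, rule unchanged" >&2; return 1; }
    uci -q delete "firewall.$RULE" || true   # drop the previous address list
    echo "$batch" | uci batch && uci commit firewall && /etc/init.d/firewall reload
}
```

Port 21 covers only the FTP control channel; FTP data connections use other ports and are forwarded only if the FTP connection-tracking helper marks them as related. LAN clients keep resolving names through the router's own DNS forwarder, which is not affected by the disabled lan->wan forwarding.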