Hi, I am moving from custom iptables rules created by myself to luci rules created on the luci web interface, but I am facing some problems or I am not understanding very well how luci works. I have created a new zone named guest-zone. This zone is connected to a interface named guest which is attached to a VLAN WITH ID 101. This is a basic diagram:
Guest people connect to an access point, that tags their connection to VLAN 101 and "forwards" to the real router running dnsmasq. The guest people receives an IP address on 172.16.31.0/24 range ( guest interface )
In my luci firewall , I have explicitly set REJECT for forwarding as follows:
Despite that, guest users still can use internet. Why is not being rejected ?