config zone option name 'wan' option input 'REJECT' option output 'ACCEPT' option forward 'REJECT' option masq '1' option mtu_fix '1' option network 'wan wan6'
This is the default firewall rule of my router. I don't understand why input traffic is rejected.
option input is the traffic flows from the
wan zone to the router. If it is set to
REJECT, then how can a web server on the Internet sends back the data when I make a request from
Furthermore, if we have
input traffic from
lan zone to router set to
ACCEPT, then the
output traffic from the router to
wan set to
ACCEPT as well (as above), then what is the purpose of the
config forwarding rule:
config zone option name 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' option network 'lan' config forwarding option src 'lan' option dest 'wan'
From my understanding, the traffic shall be forwarded from
lan to the router, then from the router to