[SOLVED] Disable wan access from pc

Owengerig · September 4, 2018, 1:15pm

I have a compromised pc and Im trying to block all wan access to/from it while i troubleshoot. I created these 2 rules in my /etc/config/firewall file (and rebooted) but they dont seem to be blocking anything? Any ideas why?
FYI i do have a static ip set to that mac address

config rule
	option src 'wan'
	option dest_ip '192.168.1.253'
	option target 'REJECT'

config rule
	option src_ip '192.168.1.253'
	option dest 'WAN'
	option target 'REJECT'

iplaywithtoys · September 4, 2018, 1:17pm

In their current form those rules govern traffic to and from the router, not to and from the compromised PC.

To block traffic to and from the PC, add "option dest 'lan'" and "option src 'lan'".

lleachii · September 4, 2018, 1:20pm

Try:

config rule
	option src 'lan'
	option dest 'wan'
	option src_ip '192.168.1.253'
	option target 'REJECT'

system · September 14, 2018, 1:20pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.