I've been using pfsense for years as my main router. Recently I've come back to Openwrt as my main home router and am "missing" a certain feature.
My guess is I just don't know the proper question to ask google, but here's my attempt.
Does anybody know how to take a range or list of IP addresses, and refer to them as a name in an IPTables rule?
Example:
192.168.106.150-155 = "KidsKindles"
Then create a rule like so.
Drop all packets from source "KidsKindles" to wan.
On pfsense you can define an IP alias called KidsKindles, then refer to it basically anywhere you could use an IP or subnet, I have to believe that sort of functionality exists under Linux as well?
I see within Luci, that the firewall rules page sort of has this feature where it refers to WAN/LAN interfaces by those names instead of eth0.1, etc.
The closest concept to this in traditional iptables would be ipsets. You can declare an ipset of things, e.g. a set of IPs and ports and refer to it later with the -m set --match-set ... match.