Verifying settings to block upstream/downstream from LAN

Apologies for the cross post, I have the exact situation as described here How to isolate my OpenWrt LAN from my actual LAN?

With a slight variation

I'd like to confirm if my firewall settings are correct.

[network diagram: ISP router LAN 192.168.1.0/24 upstream of the OpenWrt router, OpenWrt LAN 192.168.6.0/24 behind it]

In the setup above, will the following firewall rules block upstream/downstream and isolate everything beyond the OpenWrt router from the ISP router?

I.e., will the OpenWrt router only pull internet from the ISP router and nothing else,
and will the ISP router not be affected by anything on the other side of the OpenWrt router?

I tested the following settings and they work (changed the IPs to fit the example diagram from the other post); I just wanted to check if what I am doing is correct. Also, is 'drop' or 'reject' better, generally?

to block upstream

to block downstream

thanks, sorry, again, for the cross post

In the default configuration (with no added firewall rules), the network behind the OpenWrt router will have access to the internet and to the lan of the ISP router (i.e. 192.168.1.0/24). The ISP router will not have access to the network behind the OpenWrt router (or for that matter, the OpenWrt router itself because of the firewall). And, from the perspective of the ISP network the OpenWrt router will appear like any other device on its network and the configuration of your OpenWrt router will not affect the ISP lan (at least there are very few situations where that could reasonably happen... I'm sure we could invent a problematic situation, but there's really very little chance that you'd ever run into that).

So, the question is this:

  • do you want the devices on 192.168.6.0/24 to be able to reach devices on 192.168.1.0/24, or do you want that blocked?

That is the only reason you'd need to create additional firewall rules.


No, blocked, please, thanks.

Edit:
So this rule should be good? Thanks.

No... that will not work.

Edit it to have the following:

  • Source zone lan
  • Destination zone 'wan'
  • Source address empty
  • Destination address 192.168.1.0/24
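For reference, the rule described in the reply above written out as an `/etc/config/firewall` stanza. This is an added example, not something posted in the thread: it assumes the OpenWrt default zone names `lan` and `wan` and the ISP LAN `192.168.1.0/24` from the diagram; the rule name and the `REJECT` target are choices made here, not taken from the reply.

```uci
# Added example (not from the thread). Blocks forwarded traffic from the
# OpenWrt LAN (192.168.6.0/24, any source host) to the ISP router's LAN
# (192.168.1.0/24, assumed from the diagram) while leaving internet access
# through the ISP router untouched. OpenWrt evaluates 'config rule' entries
# before the zone-level lan -> wan forwarding, so this REJECT wins over the
# default ACCEPT forward.
config rule
	option name 'Block-LAN-to-ISP-LAN'   # rule name is a hypothetical label
	option src 'lan'                     # source zone: the OpenWrt LAN
	option dest 'wan'                    # destination zone: towards the ISP router
	option dest_ip '192.168.1.0/24'      # the ISP router's LAN; source address left empty
	option proto 'all'
	option target 'REJECT'               # REJECT sends an ICMP error; DROP would let the client time out
```

After adding it, reload the firewall with `/etc/init.d/firewall reload` and check from a host on 192.168.6.0/24 that reaching an address in 192.168.1.0/24 (for example the ISP router's own LAN address) fails immediately with REJECT, or silently times out with DROP, while a public address still works. With `REJECT` the blocked client gets an immediate error, which is easier to troubleshoot; `DROP` makes the connection hang until it times out. Either way the rule only affects traffic forwarded through the OpenWrt router, not the router's own outbound connections.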

Thanks, so this should be good then :slight_smile:

Edit:

Yup... looks good.

