Hi all,
Got some info here about blocking ports, and for the most part it worked. I set up a firewall ruleset that accepted in/out, then in it I added a rule that was set to all protocols (or tcp/udp), DROP was selected, on Advanced tab I selected all four types of state, and on source I selected my kids laptop group under address group. Destination I selected the eth0 (the WAN port). I set up my kids two devices (phone and laptop) based on mac address that I have set up as static ips on the Services/Lease section.
I also set up a global port block, so that ALL devices (e.g. all my kids computers) could not play the video game. That worked for the computers on wifi, but for some reason, those that were plugged in to LAN still had access. I am not entirely sure why. For destination (on that rule) I set address to 192.168.2.0/24 and for source tab I selected a port group that I set up with a set of ports and port ranges.
Where I might be screwing things up is the direction (IN/OUT). On the RULESET, for interfaces tab, I originally set just one, ETH0 (WAN) and direction OUT. But I thought.. I set the source to ports and destination to address, so I also added a 2nd interface ETH0 and IN. I am hoping that means I said in or out, I want the rules in this ruleset applied. Is that correct? Or would I also need to add another rule to the ruleset where source is the address and destination is the ports? OR do I need to break that out in to two separate rulesets, each with the direction one way... e.g. for IN I would have source set to port group, destination set to address.. and for OUT I would do the opposite?
Thanks.
