[Firehol-support] block client to client connections

Jon bae jonbae77 at gmail.com
Thu Sep 20 08:52:40 BST 2018

Hello Everybody,
can you give me a hint of how to block client to client connections?

I would like that the wlan user can connect to the internet, but not to
each other.

At the moment my wlan interface looks like this:

# firewall rule from wlan to interface wlanGuest
interface "${wlanGuest}" wlan-Guest
        policy  reject
        ipv4    server  "dhcp dhcprelay"        accept
        ipv4    server  "icmp dns squid"        accept  dst
        ipv4    client  all     accept

I thought instead of:
*ipv4    client  all     accept*

I can use:
*ipv4    client  all     drop dst " <>"*

But this would block the incoming from the internet to, right?

Have a nice day!


More information about the Firehol-support mailing list