Add firewall rules to limit WAN access to services on router?


#1

I have enabled Remote Access over HTTPS from the WAN (to access admin page) and also access to File Sharing from the WAN (to access attached storage). But can I specify firewall rules to limit the networks that can access these router ports?

For example, if my WAN network is 192.168.1.x, then I want to limit access to the router’s https and Samba ports from just 192.168.1.x or maybe a single IP like 192.168.1.100. The main firewall interface doesn’t show the rules that are allowing for WAN access to HTTPS and SAMBA on the router so there is nothing for me to try to modify.


#2

Seems this is only possible via iptables.

You may need to create iptable rule and store it in /etc/rc.local so that it take effect every reboot.

I am no expert on this.