I want to use the guest network for IoT - is it possible to use the gli-inet firmware's firewall rules UI to achieve this?

modumb · October 13, 2020, 9:08am

Hi

I noticed that the built-in firewall UI lets users specify guest and LAN zones… Is it possible to then to create a simple rule using the UI to allow multicast DNS and other necessary protocols between the guest network and LAN?

I would like to avoid luci and iptables if possible.

Could someone please give a working example in what to put in the built-in firewall’s options to open up the following ports between the gust network and LAN:

mDNS

iptables -A INPUT -p udp -m multiport --dports 5353 -j ACCEPT

Homekit Protocol

iptables -A INPUT -p tcp -m multiport --dports 51827 -j ACCEPT

Home Assistant interface

iptables -A INPUT -p tcp -m multiport --dports 8123 -j ACCEPT

Thanks!

modumb · October 13, 2020, 11:09am

… For example - not sure what I should put for “internal IP” or “internal ports”.

In this example, I have the IP address of a device in the guestzone which seems like that should be wrong.

I was not able to put 192.168.8.* either.

Not really sure whether it should be LAN or Guestzone device IP.

Also… for the itnernal port, should I use the same or just pick any old random port?

Thanks

luochongjun · October 16, 2020, 10:27am

You can add you firewall rules in MORE SETTINGS-> Advanced->network->firewall

modumb · October 19, 2020, 5:01pm

Hey thanks, I realise this. I just wondered if the rules I wanted to add could be done with the gl-inet firmware, and if so, what to put for ‘internal IP’ and ‘internal ports’.

Are you saying that my usecase is not possible then for the GL-inet GUI?

Thanks again.