Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FS#4258 - firewall4 does not honor rule denying access to WAN zone #9239

Closed
openwrt-bot opened this issue Feb 7, 2022 · 3 comments
Closed

FS#4258 - firewall4 does not honor rule denying access to WAN zone #9239

openwrt-bot opened this issue Feb 7, 2022 · 3 comments
Labels
flyspray

Comments

@openwrt-bot
Copy link

darksky4:

I built an image from master just now and created this firewall rule to deny WAN access to a particular client. The rule is active yet I can still get out to the WAN from that client. Under a pure fw3 image built from a few days ago, the rule worked as expected.

config rule
option src 'lan'
option target 'REJECT'
option name 'Deny WAN access'
option dest 'wan'
list proto 'all'
list src_ip '10.9.8.100'
list src_ip '10.9.8.112'

Supply the following if possible:

  • Device problem occurs on = bcm2711/rpi4b
  • Software versions of OpenWrt = latest from master (3343ca7)
@openwrt-bot
Copy link
Author

champtar:

Can you show the output of 'nft list ruleset', also your full firewall config, maybe another rules breaks fw4

@openwrt-bot
Copy link
Author

jow-:

Fixed with https://git.openwrt.org/?p=project/firewall4.git;a=commitdiff;h=b54f462272c3a68a1a733a9037dc7c109c54499d - will push an update soon.

@openwrt-bot
Copy link
Author

jow-:

Updated with https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=2dd6777f15defc6fe343e8485d3e22325570fb2b

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
flyspray
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@openwrt-bot