As we know, an Any-Any-All-Drop rule as the last firewall rule is a security feature. If this rule blocks internet connectivity, of course we can’t use it. So what keeps maliciousness from attempting other protocols? Is there some other security built into IPFire that I’m not seeing? Is there a way to craft a firewall rule that would allow internet connectivity but provide other protocol security in IPFire?
I would imagine that the start and stop entry in the firewall.local file is your personal wireless IP network address and not what’s necessarily listed. Is this a correct assumption?
The statement about blocking WUI-Access from the Blue zone with a Firewall Rule entered using the WUI itself is accurate. I’ve confirmed this through testing and have subsequently removed the incorrect information from the wiki. Special thanks to @casabenedetti for bringing this to my attention.