Thanks for the reply.
Unfortunately, I don’t understand how this is implemented in IPFire. I’ve reviewed the documentation and generally understand networking; however, I still don’t get this for IPFire.
Here’s what I’m trying to do:
Let’s say I have the following 4 devices with MAC addresses as follows:
a1:xx:xx:xx:xx:xx iPad
a2:xx:xx:xx:xx:xx iPhone
a3:xx:xx:xx:xx:xx NASarray
a4:xx:xx:xx:xx:xx Win11PC
I’d like to allow a1, a2, and a3 to be allocated an IP address on the GREEN network, i.e. the LAN side, and they can see each other on the LAN.
I’d like to allow a1 and a2 to connect to the RED network to obtain access to the Internet.
I want to block a3 from connecting to the RED network, so it can’t obtain access to the Internet, i.e. the WAN side.
I’d like to block a4 from getting any connection to the GREEN network at all, so it is fully rejected from connecting to the LAN.
So, the MACs for a1, a2, and a3 are in an ‘Allowed List’, and every other possible MAC address is rejected from connecting to the GREEN LAN.
Then the MACs a1 and a2 are permitted Internet access, but a3 is not.
I also want to fully Block all WAN side traffic from being able to establish a connection from the WAN side. Effectively, the IPFire firewall DROPS everything coming from the Internet and appears to be in ‘Stealth mode’ using GRC.com ShieldsUp terminology.
I also don’t understand the ordering of the Rules in IPFire and which rule takes precedence.
Thanks,
Nanoh