Code: Select all
0 ;;; Drop all broadcast
mac-src-address=00:00:00:00:00:00 in-interface=all
mac-dst-address=FF:FF:FF:FF:FF:FF out-interface=all mac-protocol=all
src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all action=drop
1 ;;; Accept in/out traffic on WAN interface
mac-src-address=00:00:00:00:00:00 in-interface=WAN
mac-dst-address=00:00:00:00:00:00 out-interface=all mac-protocol=all
src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all action=accept
2 mac-src-address=00:00:00:00:00:00 in-interface=all
mac-dst-address=00:00:00:00:00:00 out-interface=WAN mac-protocol=all
src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all action=accept
3 ;;; Block all traffic between LAN interfaces
mac-src-address=00:00:00:00:00:00 in-interface=all
mac-dst-address=00:00:00:00:00:00 out-interface=all mac-protocol=all
src-address=0.0.0.0/0 dst-address=0.0.0.0/0 protocol=all action=drop
