How do you block WLAN access but allow LAN access?

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
dungears
DD-WRT Novice


Joined: 08 Apr 2021
Posts: 2
PostPosted: Thu Apr 08, 2021 23:37    Post subject: How do you block WLAN access but allow LAN access? Reply with quote
I'd like to use steamlink to stream video from my PC to my smart TV, but I have security concerns with connecting my smart TV to my network.

Is there a way in the DD-WRT settings to allow a device to talk on the LAN, but not to the internet?

On the access restrictions tab, I see you can "block internet access" using policies. But I can't find an explanation of what this does. Does it do what I'm describing above? Or is it blocking all traffic including LAN traffic?

Thanks.
Back to top View user's profile Send private message
Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6445
Location: UK, London, just across the river..
PostPosted: Fri Apr 09, 2021 20:18    Post subject: Reply with quote
iptables -I FORWARD -i br0 -o $(get_wanface) -p tcp -s xxx.xxx.xxx.xxx -j REJECT

iptables -I FORWARD -i br0 -o $(get_wanface) -p udp -s xxx.xxx.xxx.xxx -j REJECT


add those lines to commands>box>save firewall script

lets presume that xxx.xxx.xxx... must be your device IP, as well...make sure it is on br0..or replace br0 with its bridge number..if its different
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Back to top View user's profile Send private message
dungears
DD-WRT Novice


Joined: 08 Apr 2021
Posts: 2
PostPosted: Fri Apr 09, 2021 22:28    Post subject: Reply with quote
Great. Thanks!
Back to top View user's profile Send private message
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1447
Location: Appalachian mountains, USA
PostPosted: Sun Apr 11, 2021 19:16    Post subject: Reply with quote
And in GUI>Services>Services give the device a static lease to fix its IP address. Otherwise it's apt to get different ones at different times, and trying to block it will just frustrate you.
_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum