ektus wrote:I want to prevent 192.168.0.13 from having any internet access (except DNS and NTP, if I can't redirect the latter to my local time server).
If you want IP 192.168.0.13 to only have access to DNS and NTP, the rule should look like this:
The firewall works well, but it's an OpenWrt firewall.
I've yet to understand how the values are evaluated. If I say "no host", will the other rules do anything? Or should it be "any host" AND "port=52,123"?
In other words: Have all of the rules to be met to gain access, or has just one rule to be met?
I'll give you the type. The router itself acts as an NTP server, just enter the router's IP address into the client.
I'd like to, but this client (and at least two or three others, different ones) doesn't offer much in ways of configurability. I do have a local time server (some NAS) running anyway. But that doesn't help with clients that have external time servers hard-coded. So I could either just let that traffic through, or would have to dig deeper into firewall and routing to redirect it to the internal server.