Code: Select all
ebtables -I FORWARD -i wlan0-1 -o br-lan-j DROP
was not working. I also found that the line recommended by Slacker provided Wifi isolation and the below line provided LAN isolation.
Code: Select all
ebtables -I FORWARD -i wlan0-1 -o eth0 -j DROP
Code: Select all
ebtables -I FORWARD -i wlan0-1 -o eth0 -j DROP
ebtables -I FORWARD -i wlan0-1 -o wlan0 -j DROP
These lines work on my AR71 router. You should test yourself that you cannot ping either your LAN or other Wifi clients on your private LAN from your guest Wifi.
As noted in previous post a couple screens on the GUI will be confused by this setup but most will work fine. All functions configured through the GUI before these changes will continue to work fine including the QoS and Quota.
If you have any problems with the above please post the results of the following commands on this thread and a description of what problem you are having.
Code: Select all
ebtables --list
ifconfig