Adding Firewall Rule
Posted: Thu Aug 17, 2017 10:46 am
I want to add a firewall rule which allows certain static IP addresses to go via the normal WAN connection instead of via the default OpenVPN connection. I went into the CLI and found the file /etc/firewall.user and assume this is where I can make my changes.
Couple of questions:
1. Will these changes to /etc/firewall.user persist through reboots? (the notes in the file mention firewall restarts, but not device reboots)
2. What destination/gateway do I use to send traffic to the non-VPN WAN connection? I see zone_wan_output chains in the output of iptables --list, do I use this?
3. Can I run my custom rule even when I set the OpenVPN config to "Block non-OpenVPN traffic" or do I need to allow this traffic for the rule to work?
Any pointers you can give me would be most helpful. Thanks!