sarenos
February 24, 2005, 5:03pm
1
I want to block ping between users that are in my wlan1 and the router I have to access the Internet.
eth1: 192.168.0.2 gw 192.168.0.1
wlan1: 10.5.50.1
I.e., a user with IP 10.5.50.154 can ping 192.168.0.1.
I want to block it. Can anybody help me with how I can drop these pings?
Thank you.
msolis
February 24, 2005, 11:42pm
2
ip firewall rule input> add protocol=icmp action=reject
sarenos
February 25, 2005, 8:20am
3
But I only want to block pings from the subnet 10.5.50.0 to the subnet 192.168.0.0
wlan1 has the subnet 10.5.50.0
ether1 has the subnet 192.168.0.0
I want users to be able to ping Internet addresses.
edzix
February 25, 2005, 10:49am
4
Add those address ranges to the rule msolis provided.
src-address=10.5.50.0/24 dst-address=192.168.0.0/24
Edgars
sten
February 25, 2005, 12:29pm
5
You could use these, as these rules block ICMP ping only (but allow other ICMP packets to travel through, which in most cases is a good thing for error responses):
add action=drop protocol=icmp icmp-options=0:0 src-address=10.5.50.0/24 dst-address=192.168.0.0/24
add action=drop protocol=icmp icmp-options=0:0 src-address=192.168.0.0/24 dst-address=10.5.50.0/24
add action=drop protocol=icmp icmp-options=8:0 src-address=10.5.50.0/24 dst-address=192.168.0.0/24
add action=drop protocol=icmp icmp-options=8:0 src-address=192.168.0.0/24 dst-address=10.5.50.0/24
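The four rules from the last post, modelled as an added example (not code from the thread or from MikroTik): a small Python matcher that shows which ICMP packets they drop and which chain each packet traverses on the router. It assumes a default accept policy; the function names and the sample packets are constructed for illustration.

```python
import ipaddress

# Drop rules from the last post: (icmp type, icmp code, src-address, dst-address).
# Type 8 code 0 is echo request, type 0 code 0 is echo reply.
DROP_RULES = [
    (0, 0, "10.5.50.0/24", "192.168.0.0/24"),
    (0, 0, "192.168.0.0/24", "10.5.50.0/24"),
    (8, 0, "10.5.50.0/24", "192.168.0.0/24"),
    (8, 0, "192.168.0.0/24", "10.5.50.0/24"),
]

# The router's own addresses, taken from the first post (eth1 and wlan1).
ROUTER_ADDRESSES = {"192.168.0.2", "10.5.50.1"}


def chain_for(dst):
    """Chain a packet traverses: input if addressed to the router itself, else forward."""
    return "input" if dst in ROUTER_ADDRESSES else "forward"


def verdict(src, dst, icmp_type, icmp_code):
    """Return 'drop' if any rule matches, else 'accept' (assumed default policy)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r_type, r_code, r_src, r_dst in DROP_RULES:
        if ((icmp_type, icmp_code) == (r_type, r_code)
                and s in ipaddress.ip_network(r_src)
                and d in ipaddress.ip_network(r_dst)):
            return "drop"
    return "accept"


# Constructed sample packets: (description, src, dst, icmp type, icmp code).
SAMPLES = [
    ("ping wlan user -> upstream router", "10.5.50.154", "192.168.0.1", 8, 0),
    ("echo reply upstream router -> wlan user", "192.168.0.1", "10.5.50.154", 0, 0),
    ("ping wlan user -> router's eth1 address", "10.5.50.154", "192.168.0.2", 8, 0),
    ("ping wlan user -> Internet host", "10.5.50.154", "198.51.100.7", 8, 0),
    ("port unreachable upstream -> wlan user", "192.168.0.1", "10.5.50.154", 3, 3),
]

if __name__ == "__main__":
    for desc, src, dst, t, c in SAMPLES:
        print(f"{desc:42} chain={chain_for(dst):7} -> {verdict(src, dst, t, c)}")
```

The ping from 10.5.50.154 to 192.168.0.1 is routed through the router, so it is seen by the forward chain; only packets addressed to 192.168.0.2 or 10.5.50.1 reach the input chain.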