Limit and monitor traffic between users on same AP

Hello,

I have searched the forum for the answer, and everyone is using default-forwarding=off, but is it posibile to queue traffic between users on same AP, and in the same time allow them to see each othet and exchange data, but not alowing them to “kill” the AP (for example by using dc++)?

Let me try and help.

Forget about default forwarding here.

Say your IP Range is 192.168.1.0/24 gateway 192.168.1.1
In you firewall filters, Forward chain:

Allow 192.168.1.0/24 to access 192.168.1.1 (Remeber two rules needed: src-address=192.168.1.0/24 and dst-address=192.168.1.1 and vice versa, and same for below)

Allow whichever client IPs you want to communicate with each other.

Block 192.168.1.0/24 from accessing 192.168.1.0/24.

Set simple queues between the client IPs that you gave access to each other. Or, play with mangle and packet marks.

Good Luck