Hi
I have a hotspot and trying to ban clients from my internal network ( i have few test subnet, which one of them is used to manage access points devices ). I dont want them to have access to those devices not piging, tracerouting, no smb file sharing etc. THEY CAN ONLY GO TO INTERNET that its.
I know i can disable all of it, the protocal, ports etc, but that is getting to complicated cause as admin i want to be able to go everywhere.
I tried to use the : Walled Garden IP list in my hotspot panel, without luck, only works when i explicitly create a firewall rule to block user accessing my router that is: INPUT chain source ip net: 192.168.0.0/16 action = drop
Ex. hotspot subnet: 192.168.100.1/24
It works they can not ping router but users can still ping all my pc on my admin subnet: 192.168.88.1/24
I tried with FORWARD chain with no luck.
thanks for you help