Block internet access to local ip address but only for one ppp interface
My router will fallback to 3g modem if the main wan gateways fail. If this happens, i need to block the ps4 from accessing the internet as it could quickly consume the data allowance on the 3g modem. So how do i block all traffic to/from the ip (10.1.1.30) but only if that traffic is going through the ppp-True3g interface? Can it be done with one firewall rule?
Re: Block internet access to local ip address but only for one ppp interface
Exactly as you say, just add a firewall rule to drop forward from 10.1.1.30 to the ppp-True3g interface somewhere at the top of your filter rules, since rules are evaluated in order:
Code: Select all
/ip firewall filter add action=drop chain=forward out-interface=ppp-True3g src-address=10.1.1.30Torturing CCR1009-7G-1C-1S+, RB450G, RB750GL, RB951G-2HnD, RB960PGS, RB260GSP, OmniTIK 5HnD and NetMetal 922UAGS-5HPacD + R11e-5HnD in my home network.
Re: Block internet access to local ip address but only for one ppp interface
Thanks, I thought it would be something like that but wasn't sure if i also needed a rule to block "in-interface=ppp-True3g" but i guess if the outbound traffic is being blocked, there shouldn't be any incoming traffic.
Re: Block internet access to local ip address but only for one ppp interface
"in-interface" is not needed because your PS4 are behind NAT.Thanks, I thought it would be something like that but wasn't sure if i also needed a rule to block "in-interface=ppp-True3g" but i guess if the outbound traffic is being blocked, there shouldn't be any incoming traffic.
If with UPnP the PS4 open some ports on ppp-true3g, the ps4 can not comunicate to servers the port opened on ppp-true3g.
If the remote servers do not know the IP, "in-" comuication do not happen.
I'm Italian, not English. Sorry for my imperfect grammar.
Re: Block internet access to local ip address but only for one ppp interface
Many thanks for your help and the clarification on in-interface.
