How to deny the all access from "wan" to "lan" in forward chain ?
I have tried to deny tcp access from wan to lan by drop the packey with syn flag.
Is there any way to drop every ip access from "wan" to "lan" in forward chain ?
I have another quetion,there is a nat rule:
chain=srcnat action=masquerade src-address-list=NAT
I can telnet the ip address "lan" whitch being masqueraded of in src-address-list=NAT from "wan"?