I have this working now, except for one particular exception.
I have rules set as per below
Accept UDP 67-68 from 10.4.0.0/16 to 10.0.0.5
Drop all (other) from 10.4.0.0/16 to 10.0.0.0/8
I'm trying to add the following (above the drop rule), but it appears the below isn't allowing traffic to flow as desired.
Accept any from 10.4.0.0/16 to 10.0.6.1-2
(I've also tried adding Accept any from 10.0.6.1-2 to 10.4.0.0/16 as well even though my drop rule isn't configured to block this direction)
Home user, working in IT. Home network is my lab.
ISP: Uno Communications
Draytek Vigor 120v2 ADSL2+ Annex M
Draytek Vigor 130 FTTC (VDSL)