The new firmware seems to have addressed the issue. Had a few hiccups but just may be a fluke. Will continue to run it for a while and try to make sure it is working as intended.
The firewall rule set i used is something like this:
-Port forwards and virtual server rules as you would normally do
-Create the following IPv4 rule set:
-Allow all LAN subnets out 192.168.0.1-192.168.0.254 on all ports 1-65535 UDP and TCP to all WAN IPs 1.1.1.1-254.254.254.254 (this will allow traffic to flow out when the firewall is enabled)
-Allow specific WAN IP (such as 8.8.8.
in on desired port (such as 80 TCP) to specific internal IP (such as 192.168.0.10). To simplify things I did a rule for my "trusted" source IPs as a blanket one so for example 8.8.8.8 WAN can access all my internal IPs 192.168.0.1-192.168.0.254 on all ports 1-65535 UDP and TCP this allows that IP to access any virtual server or port forward I have put in place
-Ensure to create rules for any "wide open" services you are running such as VPNs, websites, ftp, torrent, etc. This can be done by creating a rule such as: allow WAN IP 1.1.1.1-254.254.254.254 to LAN IP specific 192.168.0.10 and the desired port UDP 1194 (this must match your virtual server or port forwarding rules.
-Once saved then enable the firewall rule set to "BLOCK all but listed"
Sorry for the condensed and somewhat unclear example, but I wanted to provide something in case people want to secure their port forwards a little more, ONCE the firmware is released.
GewGaw
Author
Topic: Inbound Filters? (Read 14399 times)