User manual
20: Configuring firewall
_______________________________________________________________________________________________________
config rule
option src lan
option dest wan
option src_ip 192.168.1.27
option extra '-m time --weekdays Mon,Tue,Wed,Thu,Fri --
timestart 21:00 --timestop 09:00'
option target REJECT
20.10.8 Restricted forwarding rule
The example below creates a forward rule rejecting traffic from LAN to WAN on
the ports 1000-1100.
config rule
option src lan
option dest wan
option dest_port 1000-1100
option proto tcpudp
option target REJECT
20.10.9 Transparent proxy rule (same host)
The rule below redirects all outgoing HTTP traffic from LAN through a proxy
server listening at port 3128 on the router itself.
config redirect
option src lan
option proto tcp
option src_dport 80
option dest_port 3128
20.10.10 Transparent proxy rule (external)
The following rule redirects all outgoing HTTP traffic from LAN through an
external proxy at 192.168.1.100 listening on port 3128. It assumes the router
LAN address to be 192.168.1.1 - this is needed to masquerade redirected traffic
towards the proxy.
_______________________________________________________________________________________________________
© Virtual Access 2015
GW1000 Series User Manual
Issue: 2.4 Page 138 of 255