hi. i want to setup wifi interface to allow user to use only the internet. i like to setup a firewall rule like this:
pass, if: wifi, source: wifi subnet, dest: wan, dest port: 1-10000 q1: why no wan option in destination? q2: what's good/bad limiting destination port like that? cmiiw, it will block lots of virus/worm/trojan at those ports above 10000 and i know almost no internet application that use any ports above that. i might lower that port, but webmin use port 10000? or any other suggestion on blocking those virus from hogging the network? i'd already setup rule to allow only 1 new connection per 1 second. tnx&rgds, dny --- ... but that which cometh out of the mouth, this defileth a man. Mat 15:11