hi.

I want to set up the wifi interface to allow users to use only the internet.
I'd like to set up a firewall rule like this:

pass, if: wifi, source: wifi subnet, dest: wan, dest port: 1-10000

q1: why no wan option in destination?
q2: what's good/bad limiting destination port like that?

cmiiw,
it will block lots of viruses/worms/trojans at those ports above 10000
and I know of almost no internet applications that use any ports above that.
I might lower that port, but webmin uses port 10000?


or any other suggestions on blocking those viruses from hogging the network?
I've already set up a rule to allow only 1 new connection per 1 second.


tnx&rgds,
dny
---
... but that which cometh out of the mouth,
this defileth a man.   Mat 15:11
