darren dot gilham at cookson dot co dot uk wrote:
> Ok this may sound funny but is there a way to block port 80 on the
> lan nic
> so web admin access is denied
> The reason for this i'm using monowall as a captive portal so the lan
> my open wirless network the wan is connected to my guest network which
> provides internet access
> so i have web admin locked down on the wan side and will only allow
> from our private lan
> i have a rule on the lan
> X TCP LAN Net * 192.168.100.1 HTTP(80)
> 192.168.100.1 is the lan nic ip address
> is this a feature so you can't lock yourself out.
Yes this is to prevent lockout. There is the following on the System -
Disable WebGUI anti-lockout rule
By default, access to the WebGUI on the LAN interface is always
permitted, regardless of the user-defined filter rule set. Enable this
feature to control WebGUI access (make sure to have a filter rule in
place that allows you in, or you will lock yourself out!).
Hint: the "set LAN IP address" option in the console menu resets this
setting as well.
James W. McKeand