I'm on a local 192.168.1.0/24 network with an OpenWrt router at 192.168.1.1, and I want to block any TCP connection to an IoT device that has an open port, let's say 192.168.1.12:5001. I don't have access to the device's Linux, so I can't enforce the rule there.
Is that even possible from the router without any complex segmentation? Maybe I need a special router/switch?
I have tried these on the router, but none of them work:
root@OpenWrt:~# iptables -I INPUT -p tcp --destination-port 5001 -j DROP
root@OpenWrt:~# iptables -I OUTPUT -p tcp --destination-port 5001 -j DROP
root@OpenWrt:~# iptables -I FORWARD -p tcp --destination-port 5001 -j DROP
(I'm fine dropping any packets to port 5001 just for testing)
Asked by martin
(203 rep)
Mar 2, 2020, 09:33 PM
Last activity: Mar 2, 2020, 10:15 PM