[debian 9] Block WAN traffic but allow LAN traffic

July 3, 2019

Hey guys,

I have a machine setup as a file server running OMV (on Debian 9) hooked to my wireless router which also is the gateway to internet. What I want to do is block my file server from sending/receiving WAN traffic but allow LAN traffic. I did find some guides on stackexchange to do this by using iptables, but I need this for nftables. I have recently started learning Linux but I'm not familiar with this level of configuration. Can this be done at the machine level? And if so, how would I go about it? Thanks in advance.

31,906 · July 3, 2019

You do understand that ever single wifi router there is blocked inbound traffic from the internet out of the box... Unless you setup a port forward towards your file server on your wifi router no inbound traffic from the internet would be sent to your box.. Unless your running UPnP on your router (this really should be off by default on most wifi routers these days) And your box requested something be open to it.

I if you want your box to NOT talk to the internet at all - then just do give it a gateway when you setup its IP.. Without a gateway it would be impossible to talk to anything other than local IPs on the same network... This is zero reason to do anything with iptables on the box itself.

July 4, 2019

19 hours ago, BudMan said:

You do understand that ever single wifi router there is blocked inbound traffic from the internet out of the box... Unless you setup a port forward towards your file server on your wifi router no inbound traffic from the internet would be sent to your box.. Unless your running UPnP on your router (this really should be off by default on most wifi routers these days) And your box requested something be open to it.

I if you want your box to NOT talk to the internet at all - then just do give it a gateway when you setup its IP.. Without a gateway it would be impossible to talk to anything other than local IPs on the same network... This is zero reason to do anything with iptables on the box itself.

Thanks. Removing the default gateway did the trick.

Sign In

[debian 9] Block WAN traffic but allow LAN traffic

Recommended Posts

fehuris

Link to comment

Share on other sites

+BudMan MVC

Link to comment

Share on other sites

fehuris

Link to comment

Share on other sites

Recently Browsing 0 members

Similar Content

Ubuntu 24.04 launched from Canonical with frame pointers set up by default and more

Fedora 40 released, main Workstation edition includes GNOME 46

Forget Ubuntu 24.04 LTS, what you really want to download this month is Fedora Silverblue 40 1 2

Linux vs Windows AES performance to be intriguing as Google boosts AMD and Intel

Statcounter: Linux increases desktop market share to 4.05% 1 2

Company

Community

Social

Partners

Forums

News

Features

More

Themes