I need to block on ip on my lan network accessing others lan connected computers…
Firstly i wanted to create a Vlan dedicated to this ip (or a vlan dedicated to all my computers), but I think an iptable rule should do the job…
But i don't know the syntax…
Can someone help me please ?
This assumes he doesn't manually set his IP, if it would work at all.
Better to create a "guest" network that has no access to the other. Or, in your case, a "neighbor" network.
dd-wrt. com/wiki/ index. php /Multiple_WLANs#Separating_the_WLAN.27s
the problem i have with that is i have set up 2 SSIDs, separated them into seperate VLANs & Bridges but the AP Isolation option only isolates eth1 & not wl0.1 (br1). ive been reading for hours & still cant find a way to block the guest network users accessing each other.
Ive tried access restrictions but it seems they are not being enforced on either network (TCP & UDP 135-139 & 445).
my only real option which isnt going to work for me it to shift the guest network to wl0 & the main network to wl0.1.
but i cant do that because i am using USB file sharing & its only available on eth1 (or wl0. not sure which)
& there isnt an option to change what bridge it is available on……
what i really need is the added option of AP Isolation for each Virtual Wireless AP like is available in DD-WRT (use to use, but made the switch & prefer tomato/shibby)