I have an e3000 and set up multi ssid on it, which works. But any guest vlan client is able to access all services on my router.
This is bad especially for the file sharing which is enabled without authentication on my router and shouldn't be available to guests.
The webgui is another big problem in this case, which shouldn't be available to access for guests while it should for my internal lan and wlan.
I would like to block all access of guests:
-to the router's services - all of them, especially file sharing and web gui
-to other guest clients
-to my private lan (already included in tomatousb)
They should only have Internet access and absolutely nothing else. I have found this firewall command for ddwrt for restricting br1 from router services but when I try to use it in tomatousb I get an error:
iptables -I INPUT -i br1 -m state —state NEW -j DROP
Thank you in advance.