What's the easiest way, preferably with the GUI (though not essential) to set up a firewall rule to block outgoing connections while still allowing internal connections for an IP Address range?
I'm a bit confused by the interface options - I think I need eth1 (my internal LAN port), IN (to the router), default DROP, and then a rule saying something like Accept, all protocols, all states, Source of 192.168.1.1/31 (as in 255.255.255.224, giving me 30 addresses in a block, 1-31), leave the rest blank. But I don't want to risk losing access to the ERL3 by misconfiguring this if I'm wrong.
Would this then essentially only allow devices with IP Addresses of .1-.31 to access the outside world? (Pretty much everything has been assigned a static IP for tracking and naming reasons.)
Thanks