Thanks again for replying!
I needed some time to figure out what rules are necessary and now I think I know what would be nice. I’d like to deny access from the ETH00 Port to ZeroShells administration page and the clients shouldn’t “see” each other (something like access point isolation).
Is that possible?
My network topology: ZeroShells ETH01 port is connected to a hardware router and the ETH00 port is connected with a wifi access point. The captive portal is active at this port.
Some private pc’s are directly connected to the hardware router (is it possible to protect them? (No access through ZeroShell to these pc’s).