Do you have a VPN setup? If so then depending on how you have things configured you might be able to SSH or HTTPS in from within the LAN.
I have both a SSH and HTTPS “virtual server” setup on my system but the mappings for that only work from the Internet. If you SSH or HTTPS the ZeroShell box from within the LAN or VPN you have full access.
I created a rule as “Any interface/Any IP” so I assume when I tried using a Putty to SSH and telnet it failed to both the internal IP address of the LAN and the IP address of the VPN tunnel on that side.
If you have forwarded port 443 and locked out SSH(telnet is not running) I am afraid you’ll have to use the console to revert the changes.
The command to see the rules for port forward on the console is
iptables -t nat -L -v
after you find the line number you can remove it by