I'm configuring a new 3300V+ router and am wanting to set up some rules to block outbound traffic. Eventually I'll want to force all HTTP and HTTPS through a proxy server but for the timebeing I want to stop outbound TCP/23 (telnet) to the Internet (WAN1) from everyone on the LAN.

What I've done so far is:

1. Set the IP Filter start group to "Block"
2. In the "Block" group, I've set up a new rule called "Block telnet" which says Source IP: any, Source port: 23, Protocol: TCP, Direction: LAN to WAN
3. The action of this rule is to Block Immediately
4. The "Active" option is ticked

I'd really expect this to work but it doesn't make any difference whatsoever.

Some help on this would really be good! I've read the User Guide PDF downloaded from the Draytek site but it's bloody awful and doesn't cover this area very well.


Cheers.

I can't check the interface right now but the 3300 should be similar to other routers in that you shouldn't specify the source port because due to NAT, that's always random, only specify the destination port and the block rule should then work