Maybe this is already possible and I have just not figured out how to do it, but what I’d like to see added to the firewall rules configuration is the ability to have some of the rules be WAN interface specific.
To give you a specific example of why I’d like to see this implemented, the network I have my Pepwave Surf SOHO on has the ethernet WAN connected to a Comcast high speed connection, and the USB to an AT&T hotspot. The system falls back on the AT&T hotspot when the Comcast goes down, which it does in my area on a monthly basis, typically for a couple of hours. Obviously, the AT&T hotspot is very slow compared to the Comcast high speed connection. It also is on a pay as you go plan, so I’d like to limit large data transfers until the ethernet WAN comes back online.
However, some of the servers on the network are setup to perform offsite backups, which will clog the system if they try to run when the ethernet WAN is down. So I’d like to be able to set up a firewall rule that simply blocks those machines from accessing the Internet when the WAN connection is the USB port, and allow them when the WAN connection is the ethernet port. I don’t see a way to configure the Pepwave to do this with the present firewall rules configuration menus.