So I have a configuration where I prevent my NAS from communication going of the WAN port of my router unless it is to a specific IP address. I have this implemented on my previous router that was running Tomato firmware.
Here is what I did on my tomato router.
iptables -A wanout -s 192.168.15.21 ! -d xx.xx.xx.xx -j DROP
iptables -A wanin ! -s xx.xx.xx.xx -d 192.168.15.21 -j DROP
I changed the wanin to wanout to appropriate chains for the almond plus and it certainly doesn't work. I get on my NAS and I am able to curl whatever websites I want. I am my wits end on how to get this to work.
I added those types of rules to every chain and it had zero impact.