I have connected multiple VLAN to my OMV server. I intended to block communication between clients in different VLAN but allow connection to the server.
This works so far but.... if a client changes the server to be the gateway in network setting, he has access to every VLAN connected to the server.
This behavior is dangerous, if you are not aware of. This could be blocked by changing the FORWARD policy to DROP.
I stopped this by adding a rule in the FORWARD chain in iptables via CLI.
So now I have purposely added my server as a gateway and control communication between VLAN with iptables via CLI.
I use my server as internet gateway and grant access clients in a secure VLAN to a public VLAN.
All this fun stuff requires changing the FORWARD chain in iptables via CLI.
FORWARD chain is useful. And there are probably even more use cases I can not think of.
The syntax of FORWARD chain is not different from INPUT or OUTPUT. So this should not be a huge thing to implement.
So please add FORWARD chain to firewall in GUI.