I setup a Raspberry Pi connecting to my home router using the eth0 interface and broadcast a SSID via wlan0 interface simply by installing the RaspAP (https://raspap.com).
Everything working as expected.
However, I would like this newly created SSID only allow device to access a specific IP address (e.g. 22.214.171.124 for my kids’ school web server).
I tried to configure the UFW rules
sudo ufw default deny outgoing
sudo ufw allow from 10.3.141.0/8 to 126.96.36.199
I found that the rule only applies to the pi itself but the iPad can still access anywhere.
Any thoughts is welcome.