How to block the port from the LAN side?

[elvisangelaccio]

Hi all, my Netgear DG834G was affected by the backdoor. I fixed it, from the WAN side, by simply blocking the port 32764 using a new firewall rule for the incoming connections. This was the biggest security issue and now I should be protected. However, the backdoor is still working from within the LAN and this is annoying. How do I block the backdoor port from the LAN side? As far as I know there is no firewall between the router itself and the LAN hosts, right? Indeed I tried to add also an outgoing firewall rule for port 32764 but this didn't worked. I suspect that when I run poc.py --ip 192.168.0.1 this does not even reach the firewall.

Other ideas?

[knanan]

Buying a new modem/router was my ultimate solution (I actually used my newer backup modem, after googling the model name and seeing no obvious security issues, I eased)

[elvisangelaccio]

Yeah, I know. But since I trust the users of my LAN (they all know the admin password), actually I'm fine with the backdoor active and with my current router. It's just a matter of principle, I would like to shut down that port regardless if it's not used.