I have a computer which I would like to allow full use of the LAN network but block access to the WAN. I have not been able to figure this out. I understand I cannot block by MAC address which should be OK. I am able to assign a static IP to the client so a DHCP renew won't get around the rule. Can anyone provide some guidance?
You will always have full access to the LAN because that traffic does not cross SmallWall at all. To block it to WAN, use a static IP or statically assign one with DHCP, then create a block all rule for that IP. Note that it must be first in the list, or the default pass rule will pass it before it gets there.