Yeah not finding a way to update that dropdown from allow to deny for traffic to Local LAN. The best i came up for was to add three seperate rules for each of the private class subnets. Hope this won't block the gateway for the client.
rules=[{'comment': 'Wireless clients accessing LAN', 'ipVer': 'ipv4', 'policy': 'deny', 'protocol': 'any', 'destPort': 'Any', 'destCidr': '10.0.0.0/8'},
{'comment': 'Wireless clients accessing LAN', 'ipVer': 'ipv4', 'policy': 'deny', 'protocol': 'any', 'destPort': 'Any', 'destCidr': '172.16.0.0/12'},
{'comment': 'Wireless clients accessing LAN', 'ipVer': 'ipv4', 'policy': 'deny', 'protocol': 'any', 'destPort': 'Any', 'destCidr': '192.168.0.0/16'}]