Can you please draw a network diagram, e.g. in draw.io (diagrams.net desktop application) and we can tell you what to check where?
You can use nmap to verify if the rules you set actually work.
Try spoofing your IP yourself and see what happens.
You can use RADIUS for client authentication and MACSec to encrypt layer2 data. In my opinion that's overkill for a home network though.
Try to come up with scenarios in which you are hacked and how they'd do it. Then try to actually do it. Implement counter measures and see if it still works or you successfully mitigated that attack vector.