Basic Firewall on MikroTik

# Input chain: traffic addressed to the router itself
/ip firewall filter
add chain=input connection-state=established comment="Accept established connections"
add chain=input connection-state=related comment="Accept related connections"
add chain=input connection-state=invalid action=drop comment="Drop invalid connections"

add chain=input protocol=icmp limit=50/sec,2 comment="Allow limited pings to RB"
add chain=input protocol=icmp action=drop comment="Drop excess pings to RB"
add chain=input protocol=tcp dst-port=22 src-address=192.168.2.0/24 comment="Allow SSH Access"
add chain=input protocol=udp dst-port=5678 src-address=192.168.2.0/24 comment="Allow Discover Winbox"
add chain=input protocol=tcp dst-port=8291 src-address=192.168.2.0/24 comment="Allow Winbox Access"

add chain=input action=drop comment="Drop everything else"

# Forward chain: traffic passing through the router
/ip firewall filter

add chain=forward connection-state=established comment="Accept established connections"
add chain=forward connection-state=related comment="Accept related connections"
add chain=forward connection-state=invalid action=drop comment="Drop invalid connections"

add chain=forward protocol=udp dst-port=53 src-address=192.168.2.0/24 action=accept comment="Allow DNS"
add chain=forward protocol=tcp dst-port=53 src-address=192.168.2.0/24 action=accept comment="Allow DNS"
add chain=forward protocol=tcp dst-port=80 src-address=192.168.2.0/24 action=accept comment="Allow HTTP"
add chain=forward protocol=tcp dst-port=443 src-address=192.168.2.0/24 action=accept comment="Allow HTTPS"

add chain=forward action=drop comment="Drop everything else"
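To check what the forward chain above actually permits, the following added example (not part of the original page) models first-match evaluation over those rules in Python. The function names and sample packets are constructed for illustration, and only the matchers used in the forward chain are modelled.

```python
import ipaddress
import shlex

# Forward-chain rules copied verbatim from the listing above.
FORWARD_RULES = '''
add chain=forward connection-state=established comment="Accept established connections"
add chain=forward connection-state=related comment="Accept related connections"
add chain=forward connection-state=invalid action=drop comment="Drop invalid connections"
add chain=forward protocol=udp dst-port=53 src-address=192.168.2.0/24 action=accept comment="Allow DNS"
add chain=forward protocol=tcp dst-port=53 src-address=192.168.2.0/24 action=accept comment="Allow DNS"
add chain=forward protocol=tcp dst-port=80 src-address=192.168.2.0/24 action=accept comment="Allow HTTP"
add chain=forward protocol=tcp dst-port=443 src-address=192.168.2.0/24 action=accept comment="Allow HTTPS"
add chain=forward action=drop comment="Drop everything else"
'''

def parse_rules(text):
    """Parse 'add key=value ...' lines; a rule without action= accepts."""
    rules = []
    for line in text.strip().splitlines():
        fields = dict(tok.split("=", 1) for tok in shlex.split(line)[1:])
        fields.setdefault("action", "accept")
        rules.append(fields)
    return rules

def matches(rule, pkt):  # every matcher present in the rule must agree
    if "connection-state" in rule and rule["connection-state"] != pkt["state"]:
        return False
    if "protocol" in rule and rule["protocol"] != pkt["proto"]:
        return False
    if "dst-port" in rule and int(rule["dst-port"]) != pkt.get("dport"):
        return False
    if "src-address" in rule:
        net = ipaddress.ip_network(rule["src-address"])
        if ipaddress.ip_address(pkt["src"]) not in net:
            return False
    return True

def decide(pkt, rules=None):
    """First matching rule wins, as in a RouterOS chain."""
    for rule in rules or parse_rules(FORWARD_RULES):
        if matches(rule, pkt):
            return rule["action"], rule["comment"]
    return "accept", "end of chain"  # RouterOS accepts unmatched packets

if __name__ == "__main__":
    # Constructed sample packets from a hypothetical LAN host.
    for proto, dport in (("tcp", 443), ("tcp", 25), ("icmp", None)):
        pkt = {"state": "new", "proto": proto, "src": "192.168.2.10", "dport": dport}
        print(pkt, "->", decide(pkt))
```

Running it shows that new ICMP from the LAN falls through to the final drop rule, so clients behind this router cannot ping outside hosts unless a forward rule for ICMP is added.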
