![]() ![]() "Allow the Private IP ranges to be forwarded by the router" \Īdd action=drop chain=forward comment="Drop everything else on WAN1" \ "Check for bad stuff in \"Attack\" chain" jump-target=Attacks "Allow current valid connections as well as valid related packets" \Īdd action=accept chain=input comment="Allow WWW" dst-port=80 protocol=tcpĪdd action=accept chain=input comment="Allow Winbox" dst-port=8291 protocol=\Īdd action=accept chain=input comment="Allow L2TP VPN Protocol" dst-port=\Īdd action=accept chain=input comment="Allow L2TP Protocol \"IPSec\"" \Īdd action=accept chain=input comment="Allow VPN PPTP" disabled=yes dst-port=\Īdd action=accept chain=input comment="Allow VPN SSTP" dst-port=443 protocol=\Īdd chain=input comment="Allow the Private IP ranges to access the router" \Ĭonnection-state=new src-address-list=PrivateIPĪdd chain=input comment="Allow ICMP Response" icmp-options=8:0 protocol=icmpĪdd action=drop chain=input comment="Drop everything else by default" "Invalid packets (No valid current connection)" connection-state=invalidĪdd action=drop chain=Attacks comment="Invalid TCP flag combo" protocol=tcp \Īdd action=drop chain=Attacks comment="Invalid TCP source port (0)" protocol=\Īdd action=drop chain=Attacks comment="Invalid TCP destination port (0)" \Īdd action=drop chain=Attacks comment="Invalid UDP source port (0)" protocol=\Īdd action=drop chain=Attacks comment="Invalid UDP destination port (0)" \Īdd action=return chain=Attacks comment="Return to the chain that jumped"Īdd action=jump chain=input comment="Check for bad stuff in \"Attack\" chain" \ Paste this firewall rule script in your WinBo Terminal: /ip firewall filter ip firewall address-listĪdd address= 192.168.88.0/24 list= PrivateIP CHR MikroTik Firewall Rule
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |