Community discussions

MikroTik App
 
Doogs
just joined
Topic Author
Posts: 8
Joined: Thu Jul 05, 2012 6:42 pm

ip firewall filter NOT =! option

Fri Oct 19, 2012 6:16 pm

Wouldn't the following filter translate to: deny anyone from accessing the MT router itself on TCP port 22 who is NOT on the address list TrustedIP?? It's not working and the MT wiki is not really helping too much or giving me enough information to Google what I need to address this.
ip firewall filter add chain=input action=drop protocol=tcp src-address-list=!TrustedIP dst-port=22
I know, I know - I could write this easier. I was using my input chain for testing. But I need to configure my forward chain to:

1) Permit TCP/UDP 1 -1023 to my devices from src-address-list=TrustedIP
2) Deny TCP/UDP 1 - 1023 from everyone else dst to my devices
3) Permit 80/443 from everyone to my webserver
4) Permit everything else.


Thanks!
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1075
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: ip firewall filter NOT =! option

Sat Oct 20, 2012 12:22 pm

Yes, the rule is correct, but have you any other rule before it (above it) which accepts connections?

Who is online

Users browsing this forum: CGGXANNX and 53 guests