Community discussions

MikroTik App
 
haissam
just joined
Topic Author
Posts: 5
Joined: Thu Mar 20, 2014 12:40 am

bridge filter to drop brodcast

Sun Mar 23, 2014 3:53 pm

helloooo
anyone can help me????
i have a problem in my network i need to stop the broadcast
the ip firewall not working on the bridge mode
im using



/interface bridge filter
add action=accept chain=forward disabled=yes mac-protocol=pppoe-discovery
add action=accept chain=forward disabled=yes mac-protocol=pppoe
add action=drop chain=forward disabled=yes






need to add a chain input

accept winbox 10.10.10.1,10.10.10.2,10.10.10.3,10.10.10.254
accept icmp
accept MNDP
input drop ALL


thank you :)
 
User avatar
brauser
Trainer
Trainer
Posts: 32
Joined: Sat Aug 21, 2010 6:36 am
Location: Brazil, SP, Valinhos
Contact:

Re: bridge filter to drop brodcast

Tue Mar 25, 2014 3:39 am

Hi haissam,

If on your network you only use pppoe, than your bridge rules are all you need (except that they need to be enabled :)). But do this kind of filter on every bridge you have unless the pppoe-server.

Another more generic rule would be one to do "port-isolation" with bridge ports. E.g.
/interface bridge filter
add action=drop chain=forward in-interface=!UPLINK out-interface=!UPLINK

Any input rule won't interfere on broadcast.

Who is online

Users browsing this forum: Bing [Bot], tinodj and 67 guests