I have a rule to make a port isolation in a RB2011. All interfaces are bridged.
chain=forward out-interface=!ether1 action=drop in-interface=!ether1
Only traffic from and to ether1 is allowed.
I have various clients connected to each interface.
I want to allow traffic between a specific client connected to ether4 and a client connected to ether6.
I can’t allow traffic between these two interfaces because various clients are connected to them and I want to allow only traffic between those two clients.
So I put two rules before the above one and it looks like this:
chain=forward action=accept src-mac-address=11:11:11:11:11:11/FF:FF:FF:FF:FF:FF dst-mac-address=22:22:22:22:22:22/FF:FF:FF:FF:FF:FF
chain=forward action=accept src-mac-address=22:22:22:22:22:22/FF:FF:FF:FF:FF:FF dst-mac-address=11:11:11:11:11:11/FF:FF:FF:FF:FF:FF
chain=forward out-interface=!ether1 action=drop in-interface=!ether1
It works fine for a couple of hours and then the first two rules stop working. I disable all rules and enable them again and everything starts working fine again.
ROS version is 5.25
22:22:22:22:22:22 and 11:11:11:11:11:11 are the MAC addresses of the two clients I want connection between.
Any suggestion about what I’m doing wrong?
Thanks in advance and sorry for my poor English.
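
A first-match model of the three rules above, run over a few constructed frames (an added example, not part of the original post and not RouterOS code). It assumes client 11:11:11:11:11:11 is on ether4 and 22:22:22:22:22:22 on ether6, that a flooded broadcast frame is checked once per egress port, and that a frame matching no rule is accepted; the 33:33:33:33:33:33 client is hypothetical.

```python
# Added illustration: evaluates the post's bridge filter rules in order, first match wins.
FULL = "FF:FF:FF:FF:FF:FF"            # full mask, also the Ethernet broadcast address
A, B = "11:11:11:11:11:11", "22:22:22:22:22:22"
OTHER = "33:33:33:33:33:33"           # constructed: another client on ether4

def mac_int(mac):
    return int(mac.replace(":", ""), 16)

def mac_match(spec, mac):
    """spec is 'addr/mask' as written in the rules; None matches any MAC."""
    if spec is None:
        return True
    addr, mask = (mac_int(p) for p in spec.split("/"))
    return mac_int(mac) & mask == addr & mask

def if_match(spec, iface):
    """spec is 'ether1' or the negated form '!ether1'; None matches any port."""
    if spec is None:
        return True
    return iface != spec[1:] if spec.startswith("!") else iface == spec

RULES = [  # same order as in the post
    {"src": f"{A}/{FULL}", "dst": f"{B}/{FULL}", "action": "accept"},
    {"src": f"{B}/{FULL}", "dst": f"{A}/{FULL}", "action": "accept"},
    {"in": "!ether1", "out": "!ether1", "action": "drop"},
]

def verdict(src, dst, in_if, out_if):
    for r in RULES:
        if (mac_match(r.get("src"), src) and mac_match(r.get("dst"), dst)
                and if_match(r.get("in"), in_if) and if_match(r.get("out"), out_if)):
            return r["action"]
    return "accept"  # assumption: no matching rule means the frame is forwarded

FRAMES = [  # constructed sample frames: (description, src, dst, in, out)
    ("unicast A -> B", A, B, "ether4", "ether6"),
    ("unicast B -> A", B, A, "ether6", "ether4"),
    ("broadcast from A (e.g. an ARP request) towards ether6", A, FULL, "ether4", "ether6"),
    ("other ether4 client -> B", OTHER, B, "ether4", "ether6"),
    ("broadcast from A towards ether1", A, FULL, "ether4", "ether1"),
]

if __name__ == "__main__":
    for desc, src, dst, in_if, out_if in FRAMES:
        print(f"{verdict(src, dst, in_if, out_if):6}  {desc}")
```

Only frames carrying both exact MAC addresses pass the two accept rules; a broadcast frame sent by either client has destination FF:FF:FF:FF:FF:FF, so between ether4 and ether6 it falls through to the drop rule.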