I was using two RB532A boards runing as a WDS bridge running 2.9.51, and now using two RB333 running 3.9 as a WDS Bridge, and none of my firewall filter rules are working anymore.
example:
add chain=forward action=drop dst-port=137 protocol=udp comment=“block windows
network port 137” disabled=no
So what changes do I have to do with the newer OS.
Thanks
Glenn Allen
you have to allow to use ip firewall if bridged.
/interface bridge settings
set use-ip-firewall=yes
Yes mrz is right, in ver 3 for bridged network the ip firewall option must be set enable in the bridge interface.
Is this assuming you are only using the bridging internally? In other words, if I have my ethernet and my wlan bridged for use on my LAN and then have a PPPOE wan connection on another ethernet port, I don’t need to set this option for my bridge?
My one firewall rules references the in. interface (bridge) for the “allow from our LAN” rule.
;;; From our LAN
chain=input action=accept in-interface=bridge
Thanks MRZ,
/interface bridge settings
set use-ip-firewall=yes
that fixed the problem.
I don’t see my simple queues working to limit p2p, is there another setting I need to set.
This is what I have setup now, and it doesn’t seem to be working
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set “5.2 GHz” queue=wireless-default
set “SOR WDS” queue=wireless-default
set bridge1 queue=default
/queue simple
add comment=“” direction=both disabled=no dst-address=0.0.0.0/0 interface=all
limit-at=14000/14000 max-limit=14000/14000 name=“p2p” p2p=all-p2p
parent=none priority=8 queue=default-small/default-small
total-queue=default-small
Thanks
Glenn Allen