Default filter firewall

Hello,

I have these rules in my firewall. Can anyone explain every single rule in detail? I did not understand numbers 2, 4, 5 and 6. Thank you.

Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough

1 ;;; defconf: accept ICMP
chain=input action=accept protocol=icmp log=no

2 ;;; defconf: accept established,related
chain=input action=accept connection-state=established,related log=no

3 ;;; defconf: drop all from WAN
chain=input action=drop in-interface=WAN1(eth1) log=no

4 ;;; defconf: fasttrack
chain=forward action=fasttrack-connection connection-state=established,related log=no

5 ;;; defconf: accept established,related
chain=forward action=accept connection-state=invalid log=no

6 ;;; defconf: drop invalid
chain=forward action=drop connection-state=invalid log=no

7 ;;; defconf: drop all from WAN not DSTNATed
chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface=WAN1(eth1) log=no

The detail and understanding is something that you will gain by reading.
https://wiki.mikrotik.com/wiki/Manual:TOC

Read the filter section of the Wiki first. Once you cover that, it will become clear as to what they are doing.
Just having someone explain it here will not help you in the future.

Once you have read it and have a basic understanding, come back and post what you think they do, and I will gladly help you the rest of the way. :)
Good luck and welcome to the MikroTik community.

Also, it’s easier to understand the rules if you post them using this:

/ip firewall filter export compact

I recommend that you configure the second firewall according to your needs.

Something happened with rule 5.
Your clients do not come online via IPv4.
Read your comment again exactly.


http://www.iptables.info/en/connection-state.html
On YouTube there are many good videos of MUM conferences.
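
The reply above about rule 5 is pointing at a rule whose comment and matchers disagree. The sketch below is an added example, not part of the thread or of any MikroTik tool: it parses print-style output and reports such mismatches. The helper names (`parse_rules`, `lint`) and the keyword sets are assumptions made for illustration.

```python
import re

# Rules 4-6 exactly as printed in the thread (not constructed).
SAMPLE = """\
4 ;;; defconf: fasttrack
chain=forward action=fasttrack-connection connection-state=established,related log=no

5 ;;; defconf: accept established,related
chain=forward action=accept connection-state=invalid log=no

6 ;;; defconf: drop invalid
chain=forward action=drop connection-state=invalid log=no
"""

ACTIONS = {"accept", "drop"}
STATES = {"established", "related", "invalid", "new", "untracked"}
HEADER = re.compile(r"^\s*(\d+)\s+(?:[XID]\s+)*;;;\s*(.*)$")  # "5 ;;; comment"

def parse_rules(text):
    """Return [(number, comment, {param: value})] for commented rules."""
    rules = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            rules.append((int(m.group(1)), m.group(2).strip(), {}))
        elif rules:
            # key=value pairs on the lines following the rule header
            rules[-1][2].update(re.findall(r"([\w-]+)=(\S+)", line))
    return rules

def lint(text):
    """Return [(rule number, message)] where comment and rule disagree."""
    findings = []
    for num, comment, p in parse_rules(text):
        words = set(re.findall(r"[a-z]+", comment.lower()))
        said_action, said_states = words & ACTIONS, words & STATES
        action, raw = p.get("action"), p.get("connection-state", "")
        if said_action and action not in said_action:
            findings.append((num, f"comment says {sorted(said_action)}, rule has action={action}"))
        # Negated matchers ("!invalid") are skipped: the comment wording
        # cannot be compared against them reliably.
        if said_states and raw and not raw.startswith("!"):
            if set(raw.split(",")) != said_states:
                findings.append((num, f"comment says {sorted(said_states)}, rule matches connection-state={raw}"))
    return findings

if __name__ == "__main__":
    for num, msg in lint(SAMPLE):
        print(f"rule {num}: {msg}")
```

Rules without a `;;;` comment are not checked, since there is nothing to compare the matchers against.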