Hi! I have mikrotik hAp lite with all 4 ports in bridge. I want to filter tcp port 21 on this bridge. Is it possible to achieve without NAT? /bridge filter is not option because i cant filter ports because they are layer 3. How can i make traffic passing through the bridge? I’ve enabled “use ip firewall” in bridge options, doesnt help. Version 6.43.4.
I’m not totally understanding what you are asking? Is this filtering out port 21 on outbound traffic or just internally?
Filtering the passing traffic. The gateway is behind this bridge
Sent from my X7pro using Tapatalk
I need to filter traffic passing through the bridge. The gateway of the network is behind this bridge. Is that possible?
You can filter tcp and udp in bridge firewall.
After setting ip-protocol=tcp or udp, src-address/port and dst-address/port are enabled.
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_Firewall
It doesnt seem to work, ive tried already… the counter stays at 0. Ive also tried /ip firewall raw, same result
Please post your config and we should be able to help you.
Are you using hardware offload? If so, turn it off as this will negate that.
I am with Steve, I have no clue what you are trying to accomplish or not accomplish.
Do you mean you want people to be able to access an FTP server on your LAN?
Do you mean you want to block all attempt from the WAn to access your router or lan on port 21?
Do you mean you want to block all attempts by people on the LAN to reach the internet using port 21?
Please describe the physical layout as well.
Can we get some example of your config?