Hi All,
Hoping someone could point out what is wrong with my firewall settings?!! I'ts doing my head in.
/ip firewall address-list
add address=192.168.1.0/24 list=OurLocalLAN
/ip firewall filter
add chain=input comment=
"Allow access to the router from the LAN using address list"
src-address-list=OurLocalLAN
add action=drop chain=input comment="Drop all other traffic to the router"
add action=drop chain=forward comment="Drop invalid connections"
connection-state=invalid
add chain=forward comment="Allow connections from the LAN" connection-state=new
in-interface=bridge1
add chain=forward comment="Allow established connections" connection-state=
established connection-type=""
add chain=forward comment="Allow related connections" connection-state=related
add action=drop chain=forward comment=
"Drop all other traffic through the router"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=PPoE-Out
So with the Last Filer Rule which is "Drop all other traffic to the router" enabled, none of the clients can access the internet. However disabling it allows Internet access - but pretty much makes all rules above it redundant. I can't figure out why the rules are not letting the traffic through and is caught by the last drop rule.
Any advice would be appreciated.
Thanks.