Firewall: Deny all except one host

Hey guys,

I have a rule in my firewall: drop all traffic from 192.168.100.0/24 to 192.168.0.0/24 (TCP), however, I’d like to allow one host to access my network 192.168.0.0/24
chain=forward action=drop protocol=tcp src-address=192.168.100.0/24 dst-address=192.168.0.0/24

Thanks in advance

/ip firewall filter
add action=accept chain=forward src-address=A.B.C.D

Where A.B.C.D is the allowed IP.

add chain=forward action=accept src-address=xx.xx.xx.xx dst-address=192.168.0.0/24

Change xx.xx.xx.xx to the IP address of the computer you would like to access your network. Place this rule above your deny rule.

These two rules, will they conflict with each other?
“chain=forward action=drop protocol=tcp src-address=192.168.100.0/24 dst-address=192.168.0.0/24”
“chain=forward action=accept protocol=tcp src-address=192.168.100.53 dst-address=192.168.0.0/24”

Firewall rules work in order. The easiest way to view this is to look through WinBox or print the rules. Make sure the allow rule is above the deny rule, otherwise the rule will not work.
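
The two rules from the question in the order the replies describe, as an added example that is not part of any post in this thread. It assumes 192.168.100.53 is the host to allow (the address used in the poster's second message) and uses invented comments purely so the rules can be found by name; `place-before` creates the accept rule above the drop rule instead of appending it at the bottom of the chain.

```routeros
# Added example, not from the original thread.
# Assumptions: 192.168.100.53 is the host to allow; the comment strings are
# invented labels used only to locate the rules.
/ip firewall filter

# The existing drop rule from the question. Note it matches TCP only, so UDP
# and ICMP from 192.168.100.0/24 are not covered by it.
add chain=forward action=drop protocol=tcp \
    src-address=192.168.100.0/24 dst-address=192.168.0.0/24 \
    comment="drop tcp 192.168.100.0/24 -> 192.168.0.0/24"

# The accept rule for the single host, placed BEFORE the drop rule.
# Filter rules are evaluated top to bottom and the first match wins, so a
# packet from .53 is accepted here and never reaches the drop rule below.
add chain=forward action=accept protocol=tcp \
    src-address=192.168.100.53 dst-address=192.168.0.0/24 \
    comment="allow 192.168.100.53 -> 192.168.0.0/24" \
    place-before=[find comment="drop tcp 192.168.100.0/24 -> 192.168.0.0/24"]

# If the accept rule was already added (and therefore landed at the bottom),
# move it above the drop rule instead of re-adding it:
# move [find comment="allow 192.168.100.53 -> 192.168.0.0/24"] \
#     destination=[find comment="drop tcp 192.168.100.0/24 -> 192.168.0.0/24"]

# Check the result: the accept rule must print with a lower number than the
# drop rule, and the packet/byte counters on the accept rule should increase
# when the host connects.
print stats
```

The order shown in `print` is the order that matters; a rule with a higher number than the drop rule is only reached by packets the drop rule did not match, which for this pair means the accept rule would never see the host's TCP traffic.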

Thanks guys, it's working :)