Hi i have a problem. When i create a two rules then the 1st rule is ignored. SO when i have 10 rules the first 9 is ignored. Why is that and what can i do thanx. I have routeros 3.20.

The exprted firewall file says the following…

software id = KYF7-LTT

/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s
tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=accept chain=forward comment=“” disabled=no out-bridge-port=
eoip-tunnel1 src-mac-address=00:10:B5:86:9C:4E
add action=accept chain=forward comment=“” disabled=no out-bridge-port=
eoip-tunnel1 src-mac-address=00:1B:38:39:55:78
add action=drop chain=forward comment=“” disabled=no
/ip firewall nat
add action=masquerade chain=srcnat comment=“” disabled=no
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=yes ports=69
set irc disabled=yes ports=6667
set h323 disabled=yes
set sip disabled=yes ports=5060,5061
set pptp disabled=no

kameelperdza -

Your rules are very specific - if the MAC address matchs the rule and the it is going out the bridge=eoip1 then it is done, if none match then you are dropping everything… You really need to make sure that the MAC addresses you are specifing are the correct ones…

Lastly, since you are using bridge, you need to turn on the firewall under bridge. Just go to the Bridge menu in Winbox, call up your bridges and check the ‘use IP firewall’ (or something like that) and the bridge will now be ‘looked’ at by the firewall.

R/

I must be doing something wrong. What i do is i first add one pc’s mac adress and choose accept then another pc and also choose the accept. Then i make a rule that says to drop all. But then it will also block the macs that i have specified to allow. I wonder what it may be