Firewall Help

gsepulveda · April 18, 2012, 11:54pm

Hi there,
I have used the instructions found on this link : http://gregsowell.com/?p=894 in order to block part of the p2p traffic.
So far its working ok, I can’t bring up any search for torrent files/sites and pretty happy with it.

This firewall rules apply to our hotspot address list 192.168.88.0/24 , the problem I have its that I need the rule only to run from 192.168.88.0-250 leaving the last 4 addresses (251, 252,253, 254) off the rule and able to use p2p. I can’t figure it out, I have read endless mikrotik wiki pages about firewall but I can’t get my head around.

Any help would be appreciated.

Cheers

cbrown · April 19, 2012, 12:28am

Accept 251-254 before you drop the p2p traffic.

gsepulveda · April 19, 2012, 12:33am

Thanks for that, can you explain that a bit further ? sorry , not the most avid mikrotik user here

Cheers

cbrown · April 19, 2012, 12:44am

You can accept that range of addresses like 192.168.88.251-192.168.88.254 or you can put each in an address list and accept the address list. Once something is accepted it is not processed through anymore rules, so it will not hit your drop rule. You will probably need a rule to accept the IPs from src-address and the another rule for dst-address. Does this help?