Hello!
My Mikrotik router is default gateway as well as DHCP and DNS server for several subnets. Currently the router accepts all incoming packets (chain “input”) from these subnets, but I want to restrict that with firewall rules. I would allow router services like DNS and block everything else from these subnets in the “input” chain of the router firewall. What about DHCP? Is it necessary to open ports in the firewall for DHCP service? Or is that done automatically, if the router acts as DHCP server for a subnet? If I have to explictly allow DHCP communication between router and a certain subnet, what does the firewall configuration look like? Is there any example? I guess, it’s a very common use case.
Thanks!