music4
December 28, 2016, 3:07pm
1
I want to disable all incoming UDP packets, unless the source port is 1812 or 1813, or the dest port is 3799. I tried to use two rules:
/ip firewall filter chain=input action=drop protocol=udp src-port=!1812,1813
/ip firewall filter chain=input action=accept protocol=udp dst-port=3799
But this doesn’t seem to work. Input packets with dest port 3799 are blocked. How do I correct the rules?
rkau045
December 28, 2016, 3:35pm
2
Put the accept rule before the drop rule. Firewall rules are processed in order top to bottom.
How about if you put the src-port and dst-port in one line and drop on the next line? Like below:
/ip firewall filter chain=input action=accept protocol=udp src-port=1812,1813 dst-port=3799
/ip firewall filter chain=input action=drop protocol=udp
That would make an AND situation. The dst port would need to be 3799 and the source either 1812 or 1813, or the packet would drop.
rkau045
December 29, 2016, 5:18pm
4
Those rules are still AND gated. Traffic will only pass to port 3799 from either 1812 or 1813. All other packets will be dropped. The rules here are functionally the same as what was suggested in post #3, but in 3 lines rather than 2.
Not all packets are showing up in my firewall?
rkau045
December 30, 2016, 12:38am
6
If you have rules for Established, Related before these rules, the remaining packets are probably accepted there. These rules would only match the first packets in the connection.
My understanding is the first packet is a “new” one
Then comes the established and related
But I see movement on my interfaces
But the firewall doesn't seem to represent the data flowing
And fastpath and fasttrack are disabled
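The ordering and AND-versus-OR points raised in this thread, as an added example that is not part of any post and is not RouterOS code: a small Python model of first-match filtering run against constructed packets. The model's rules (top-to-bottom evaluation, all matchers in a rule must match, unmatched packets accepted, no connection tracking) and every name in it are assumptions of the example.

```python
# Simplified model (an assumption of this example, not RouterOS code):
# rules are checked top to bottom, the first rule whose matchers ALL match
# decides the packet, and a packet matching no rule is accepted.

def port_match(spec, port):
    """spec is None (any port), a set of ports, or ("not", set) for a negated list."""
    if spec is None:
        return True
    if isinstance(spec, tuple):
        return port not in spec[1]
    return port in spec

def evaluate(rules, src_port, dst_port):
    """Return (action, index of the deciding rule) for one new inbound UDP packet."""
    for i, rule in enumerate(rules):
        if port_match(rule.get("src"), src_port) and port_match(rule.get("dst"), dst_port):
            return rule["action"], i
    return "accept", None

ALLOWED_SRC = {1812, 1813}

# Rules in the order first posted: the drop is evaluated before the accept.
ORIGINAL = [
    {"action": "drop", "src": ("not", ALLOWED_SRC)},
    {"action": "accept", "dst": {3799}},
]
# Both matchers on one rule: source AND destination must match.
AND_GATED = [
    {"action": "accept", "src": ALLOWED_SRC, "dst": {3799}},
    {"action": "drop"},
]
# One accept rule per condition (OR), with the catch-all drop last.
OR_ORDERED = [
    {"action": "accept", "dst": {3799}},
    {"action": "accept", "src": ALLOWED_SRC},
    {"action": "drop"},
]

# Constructed sample packets: name -> (src_port, dst_port)
PACKETS = {"to_3799": (40000, 3799), "from_1812": (1812, 51000), "other": (5353, 5353)}

def verdicts(rules):
    """Map each sample packet name to the action the rule list gives it."""
    return {name: evaluate(rules, s, d)[0] for name, (s, d) in PACKETS.items()}

if __name__ == "__main__":
    for label, rules in (("original", ORIGINAL), ("and-gated", AND_GATED), ("or-ordered", OR_ORDERED)):
        print(label, verdicts(rules))
```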