How to Filter specific IP using RB450G

ofaruq08 · January 14, 2012, 7:32am

Dear All,

How to Filter specific using RB450G?

If you have plz help me how to filtering ip address and block browsing and continue outlook mail downloading.

Thank
you
Faruque

tjc · January 14, 2012, 7:02pm

For reference start with the manual page on the wiki: http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Filter

You will need to enable the firewall and add some filtering rules.

Do you want to filter by source address or destination address? To be more specific, are you trying to deny web browsing access from a particular users IP, or to (a) particular web site(s)?

To allow specific services to be used while others are blocked for a particular source address the best approach is a pair of rules. The first ones allows only the desired services, and the second blocks anything else:

/ip firewall filter
add action=accept chain=forward protocol=tcp src-address=__YOUR_BLOCKED_IP_HERE__ dst-port=25,2525,465,143,993,110,995 \
  comment="only allow email ports"
add action=drop chain=forward src-address=__YOUR_BLOCKED_IP_HERE__

These need to be added or moved to the appropriate place in your filter chains.

dakatech · January 20, 2012, 6:51am

TJC

I’ve a similar problem that maybe you can help with!

I need to limit access to and via a 711 to just one piece of equipment with one MAC address.
I have two 711’s configured as a point to point link with a bridge from wlan to ether set up on them both.
One end (office) has a switch and 4 PC’s connected.
The other end has a video recorder connected that is viewed from one of the PC’s in the office.
The recorder has a static IP address.
The problem I have is that a “nice” person unplugs the DVR and connects a PC in it’s place. The person can now access anything on the other end of the radio link.

I think (occasionally, but today is not one of those times) that if I could use mac address filtering I could stop this happening by allowing traffic to and from one mac address only.

I have tried using a firewall in the bridge from wlan to ether but can’t get it to work ( I can get it to work using IP address filtering, but the person is clever enough to set his PC to the same IP address as the recorder)!

Any help you can give would be appreciated.

Thanks

Dave

tjc · January 21, 2012, 4:58am

See my reply in your other thread… http://forum.mikrotik.com/t/mac-address-filtering/53499/1