How to import firewall rules

MikiM · March 13, 2016, 8:36pm

I have RB 751U-2HnD (fw.6.34.2) and I want to now how to import firewall rules.

I tried to do this, but get error:

[root@MikroTik] > import firewall.rsc

expected command name (line 12 column 1)

Thx Mike

BartoszP · March 13, 2016, 9:40pm

Try this:

import file-name=firewall.rsc

MikiM · March 14, 2016, 5:33pm

Not possible…

[root@MikroTik] > import file-name=firewall.rsc
expected command name (line 12 column 1)
[root@MikroTik] > import file-name=firewall.rsc
expected command name (line 12 column 1)
[root@MikroTik] >

BartoszP · March 14, 2016, 6:10pm

The problem is inside firewall.rsc … line 12 column 1 … could you post your firewall.rsc ?

MikiM · March 14, 2016, 6:50pm

mar/04/2016 20:29:02 by RouterOS 6.34.2

software id = GE10-???

/ip firewall filter
add chain=forward disabled=yes
/ip firewall mangle
add chain=forward connection-nat-state=srcnat in-interface=ether4
out-interface=“Drei 4G”
/ip firewall nat
add action=masquerade chain=srcnat out-interface=“Drei 4G”

So far is the new one..

From here is the old one (fw 2.95)

Standart Firewall (Standart firewall setting)

/ip firewall filter add chain=forward connection-state=invalid action=drop comment=“Drop invalid connections” disabled=no
/ip firewall filter add chain=forward connection-state=established action=accept comment=“Established Connections” disabled=no

ZeroByte · March 14, 2016, 8:22pm

add a \ to the end of the line before the one that starts with “disabled=no”

this hard carriage return is what’s messed up the script - or you could just backspace the “disabled=no” to be on the same line as the rest of the command before it.

MikiM · March 14, 2016, 10:15pm

Pls. wrote me down the what you really means..

ZeroByte · March 14, 2016, 10:20pm

It might just be the forum’s software that did this on my screen:
/ip firewall filter add chain=input connection-state=invalid action=drop comment=“Drop invalid connections” disabled=no
/ip firewall filter add chain=input tcp-flags=!syn connection-state=established action=accept comment=“Accept established connections” disabled=no
/ip firewall filter add chain=input connection-state=related action=accept comment=“Accept related connections” disabled=no
/ip firewall filter add chain=input action=jump jump-target=virus comment=“!!! Check for well-known viruses !!!” disabled=no

(the underlined disabled=no was on its own line on my screen)

If this is on its own line in your script, either move it up to be on the same line with the rule after “Accept established connections” or else add a \ character to the end of that line.

Basically, open your script file, count down to the 12th line, and that’s where your problem is - fix whatever syntax error you find there and try again.

MikiM · March 15, 2016, 4:54pm

Hi ZeroByte,

Really I have to delete some line and some comments and now works fine!

Thx Mike