Where can I find a good tutorial which explains me firewall rules.
Concretely, I am concerned about the order of the rules. Which rules belong to the beginning and which to the end. Include INPUT, OUTPUT or FORWARD. In other words, they should all be (following) together?
thank you
Rosi
Order or rules is important, because it influences the amount of processing required for each packet. The most often used rules should be before rarely used ones. So in most cases, your very first rule should be the one for accepting established and related connections, because it will catch vast majority of packets. This is for rules in one chain.
Order of rules between different chains does not matter, because packet will only go into one (packet which gets in input chain won’t ever go in forward or output, etc…). So you can mix it together (input, forward, forward, output, input, forward, output) but I think it’s more clear when you keep rules for individual chains together (forward, forward, forward, input, input, output, output).
If you use Winbox, you can actually filter your rules by chain, so you can work with only one chain at a time. Makes things a little easier to see.
This is possible in Webfig as well!
Still, I normally keep the rules together by table (by moving them up after adding).
I know about filtering by chain and I sometimes use it when I have large chains. But usually configs I work with are simpler and all rules fit on a page or two. Plus if there are subchains, it’s more convenient to see it all together. But yeah, it’s all just a personal preference.
Greetings everybody. I need a little help. I bought my first mikrotik a few days ago (rb941-2nd-tc). I have very very basic knowledge about networking, i managed to set up the rb941 as a pppoe client (my current isp router is in bridge mode now, its only job is to provide its modem for the internet connection and for my telephone-voip). The only thing i need help with for now is with firewall. i want to make the rb941 secure, as well as the rest of the pc-s that are connected to it. i used this tutorial to set up the connection and basics https://www.youtube.com/watch?v=qH2qHGMCAQU . i also used the firewall rules in that tutorial. After that i additionally set up the firewall by using this tutorial: http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Filter#Router_protection
will that be enough for everyday usage of my pc-s (torrents, games, regular surfing, windows homegroup, etc…)?
Thank you
Anyone?
It’s safe to start with default firewall (*), it blocks everything from WAN and that’s the main thing you need. You can see what your device had using:
/system default-configuration print
Look for stuff under “/ip firewall”, it’s just few rules, it should be easy to understand what they do. I think they were also listed somewhere in MikroTik wiki.
(*) There’s one important thing to watch for - default firewall has ether1 interface as WAN. If you connect to internet using PPPoE, client interface is your real WAN, so it needs to be changed in rules.
If you want to improve it, I suggest to not blindly follow random tutorials found online. Not that they would be necessarily bad, but it’s always good to know what exactly are you doing and why.