MrBIO
May 14, 2022, 12:05pm
1
Doesn’t work for some reason. Router: hAP ac lite. RouterOS: 6.49.6.
0 chain=srcnat action=masquerade out-interface=WAN
1 ;;; CSGO Server
chain=dstnat action=dst-nat to-addresses=192.168.1.254 to-ports=27015
protocol=tcp in-interface=WAN dst-port=27015
2 ;;; CSGO Server
chain=dstnat action=dst-nat to-addresses=192.168.1.254 to-ports=27015
protocol=udp in-interface=WAN dst-port=27015
Thanks for help!
(Yes those ports are enabled in windows firewall)
anav
May 14, 2022, 6:51pm
2
Nothing wrong with your rules so I guess thats it then.
Or maybe you can actually share your config so we can see what is actually going on!
MrBIO
May 14, 2022, 7:14pm
3
Nothing wrong with your rules so I guess thats it then.
Or maybe you can actually share your config so we can see what is actually going on!
Yeah sorry. Here:
/interface bridge
add admin-mac=48:8F:5A:75:5C:C2 auto-mac=no comment=defconf name=local
/interface ethernet
set [ find default-name=ether1 ] name=WAN
/interface list
add name=listBridge
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
Profile supplicant-identity=""
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
country="Censored" disabled=no distance=indoors mode=ap-bridge \
security-profile=Profile ssid=ManaMana2 wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\
20/40/80mhz-XXXX country="Censored" disabled=no distance=indoors \
mode=ap-bridge security-profile=Profile ssid=ManaMana5
/ip pool
add name=dhcp ranges=192.168.1.240-192.168.1.254
add name=dhcp_pool1 ranges=192.168.1.240-192.168.1.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=local name=dhcp
/interface bridge port
add bridge=local comment=defconf interface=ether2
add bridge=local comment=defconf interface=ether3
add bridge=local comment=defconf interface=ether4
add bridge=local comment=defconf interface=ether5
add bridge=local interface=wlan1
add bridge=local interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=listBridge
/interface detect-internet
set detect-interface-list=all
/interface list member
add interface=local list=listBridge
/interface wireless cap
set bridge=local discovery-interfaces=local interfaces=wlan1,wlan2
/ip address
add address=192.168.1.1/24 interface=local network=192.168.1.0
/ip arp
add address=192.168.1.250 comment=SetTopBox interface=local mac-address=\
1C:3A:DE:A4:06:07
/ip cloud
set update-time=no
/ip dhcp-client
add disabled=no interface=WAN
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1 netmask=24
/ip firewall filter
add action=fasttrack-connection chain=forward connection-state=\
established,related
add action=accept chain=input connection-state=established,related
add action=drop chain=forward connection-state=invalid
add action=drop chain=forward connection-nat-state=!dstnat connection-state=\
new in-interface=WAN
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN
add action=dst-nat chain=dstnat comment="CSGO Server " dst-port=27015 \
in-interface=WAN protocol=tcp to-addresses=192.168.1.254 to-ports=27015
add action=dst-nat chain=dstnat comment="CSGO Server" dst-port=27015 \
in-interface=WAN protocol=udp to-addresses=192.168.1.254 to-ports=27015
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
/system clock
set time-zone-name=Censured
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=listBridge
/tool mac-server mac-winbox
set allowed-interface-list=listBridge
Sob
May 14, 2022, 7:48pm
4
Public IP address, do you know what it is and do you have one?
anav
May 14, 2022, 7:48pm
5
If this is facing the internet the firewall ruleset it weak.
