Port Isolation in Bridge?

Hi,

this is my first post :)
I’m fairly new to RouterOS so please bear with me.

I have the following bridge with members:

bridge2
→ eoip1
→ ether2
→ ether3
→ wlan1

I want both ether ports and the wlan1 port to be able to send PPPoE traffic to eoip1 but they should not be able to communicate with each other.
On the other hand I need to be able to communicate with the devices attached to wlan1 via IP for management purposes (the IP is attached to the bridge2 interface directly).
After looking through this forum I came up with this:

/interface bridge filter> pr
Flags: X - disabled, I - invalid, D - dynamic 
 0 X ;;; Allow everything from the tunnel
     chain=forward action=accept in-interface=eoip1 in-bridge=bridge2 

 1 X ;;; Allow PPPoE Discovery through tunnel
     chain=forward out-interface=eoip1 action=accept in-bridge=bridge2 mac-protocol=pppoe-discovery 

 2 X ;;; Allow PPPoE-Traffic through tunnel
     chain=forward out-interface=eoip1 action=accept in-bridge=bridge2 mac-protocol=pppoe 

 3 X ;;; Standard rule: deny everything
     chain=forward action=drop in-bridge=bridge2

How do I solve the last part of this puzzle?

Is rule 0 really necessary or will the traffic from eoip1 pass through as a response to rule 1 and 2?

Best regards

Max
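
An added example, not part of the original post: a small Python model of the forward chain printed above, showing how each rule decides constructed sample frames and what happens to tunnel-to-port traffic when rule 0 is left out. It assumes the rules are enabled, evaluated top to bottom with first match winning and no connection state, and that all ports are members of bridge2; it does not model traffic addressed to the bridge's own IP.

```python
# Constructed model of the four forward-chain rules printed in the post.
# Assumptions (not from the post): rules are enabled, evaluated top to bottom,
# first match wins, no connection state is kept, unmatched frames are accepted.
RULES = [
    {"comment": "Allow everything from the tunnel", "in": "eoip1", "action": "accept"},
    {"comment": "Allow PPPoE Discovery through tunnel", "out": "eoip1",
     "proto": "pppoe-discovery", "action": "accept"},
    {"comment": "Allow PPPoE-Traffic through tunnel", "out": "eoip1",
     "proto": "pppoe", "action": "accept"},
    {"comment": "Standard rule: deny everything", "action": "drop"},
]

def matches(rule, frame):
    """A rule matches when every matcher it sets equals the frame's value."""
    return all(rule[k] == frame[k] for k in ("in", "out", "proto") if k in rule)

def decide(frame, rules=RULES):
    """Return (action, index of the first matching rule in `rules`)."""
    for i, rule in enumerate(rules):
        if matches(rule, frame):
            return rule["action"], i
    return "accept", None  # assumed default when nothing matches

def frame(src, dst, proto):
    """Build a constructed frame: ingress port, egress port, mac-protocol."""
    return {"in": src, "out": dst, "proto": proto}

# Constructed sample frames, not captured traffic.
SAMPLES = [
    frame("ether2", "eoip1", "pppoe-discovery"),
    frame("wlan1", "eoip1", "pppoe"),
    frame("eoip1", "ether3", "pppoe"),
    frame("ether2", "ether3", "ip"),
    frame("wlan1", "ether2", "arp"),
    frame("ether2", "eoip1", "ip"),
]

if __name__ == "__main__":
    for f in SAMPLES:
        with_r0 = decide(f)[0]
        without_r0 = decide(f, RULES[1:])[0]  # same table with rule 0 removed
        print(f"{f['in']:>6} -> {f['out']:<6} {f['proto']:<16} "
              f"all rules: {with_r0:<6} without rule 0: {without_r0}")
```
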