Using 4.3 and fairly new to Mikrotik. I am trying to remote to my Mikrotik routers subnets (B-F) through another local network (A). I was getting errors in my logs going from the Mikrotik to my main router to (A). I have resolved those. I cannot ping or traceroute to my subnets on my Mikrotik and need more log information to determine why. As of now the logging on Mikrotik is not what I would expect of a router log. Any suggestions on how to get denies and accepts on the Mikrotik system?
It will only log what you tell it to.
Instead of just dropping a packet, create a chain called log-drop and jump to the log-drop chain.
You could also create a log-accept chain to log accepts (only do this on NEW connections!!!)
Example use of silent drops
add action=jump chain=input comment=“*** Silently Drop DHCP In ***” disabled=no dst-port=68,67 in-interface=ether1 jump-target=silentdrop protocol=udp
Example use of log-drops
add action=jump chain=input comment=“Log Drop Everything Else” disabled=no jump-target=logdrop
add action=jump chain=forward comment=“” disabled=no jump-target=logdrop
Both of which jump to these chains
add action=log chain=logdrop comment=“” disabled=no log-prefix=“”
add action=drop chain=logdrop comment=“” disabled=no
add action=drop chain=silentdrop comment=“” disabled=no
Play with the log settings until you get what you need. For my purposes, this works…
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100 disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=so.me.ip.ad:514 src-address=0.0.0.0 syslog-facility=local6 syslog-severity=debug target=remote
/system logging
add action=memory disabled=no prefix=“” topics=info
add action=remote disabled=no prefix=error topics=error
add action=remote disabled=no prefix=warning topics=warning
add action=remote disabled=no prefix=firewall topics=firewall
add action=remote disabled=no prefix=wireless topics=wireless
add action=remote disabled=no prefix=system topics=system
add action=remote disabled=no prefix=watchdog topics=watchdog
add action=remote disabled=no prefix=web topics=web-proxy,!debug