I have been learning how my mikrotik device works for a couple of months and I still consider myself a newbie when it comes to networking. So, I still find myself struggling with the networking terminology and mikrotik setup.
I have this rule for example:
add action=drop chain=input comment="drop all not coming from LAN" in-interface-list=!LAN
What is really supposed to mean “LAN” in Mikrotik setup in this case?
I removed an interface (ether3) from the bridge and set for it a different subnet from bridge.
So would this rule affect the traffic coming from my interface (ether3) with a different subnet too?
I mean, is ether3 not being part of LAN?
my interfaces:
So that rule above should drop input traffic coming from one of my devices connected to ether3 because it isn’t in the LAN list, and it is indeed a diffrent LAN? Correct?
Thank you
The firewall filter rule parameter XX-interface-list (XX can be either in or out) points to interface list, which explicitly states member interfaces. There’s no magic inside router to guess which interface might be part of some list or not. And LAN in example is just a random name for the interface list without any relation to intended functionality … other than it might mean something in admin’s spoken language … and remember, interface list membership doesn’t affect routing, it only affects the firewall rules (not only filter, nat, raw and others as well).