SWoS issue - ACL, how to block all BUT specified destination

I want cc:ef:48:87:05:cb to ONLY be able to connect to 00:22:4d:4b:49:6f, and drop any other MAC destination.

How do I do this? There is no “!” or “NOT” option in SwOS 1.6. See attachment… Thanks
swos_acl.jpg

Hello,

The documentation for this is here:
http://wiki.mikrotik.com/wiki/SwOS#ACL_Tab

But it's really short. Perhaps you should write an email to the MikroTik support guys about this, and if you get a working set back, please post it here for all other users?

Ronny

Hell yeah! What kind of creepy issue is this?
Why is there no ! / NOT implemented? I also need this feature.

Also, there is no ability to select an out-interface.

I would like to limit the bandwidth for some destinations.

I sell 20/2 MBit to a customer who is connected to a 1 GbE via SFP. But within my network we will provide full Gigabit.

So I need to limit the bandwidth to 20 MBit in egress and 2 MBit in ingress for port 1 for all IPv4 packets not in the subnet 192.168.0.0/24.

That is currently not possible with SwOS firmware v1.12.

As per documentation, if you do not specify any “redirect to” ports, the packet will be dropped.
In your example, the rules will drop those packages.

You need 2 ACL rules in the following order:

  1. cc:ef:48:87:05:cb to 00:22:4d:4b:49:6f redirect to the output port you need (or even to all ports, in your case 1,2,4,5, repeat for every destination MAC)
  2. cc:ef:48:87:05:cb to any (leave MAC dest. field blank) redirect to none (check redirect, but don’t specify any redirect port, meaning drop)

IMHO bandwidth limitations need some bitbucket queue, which is not available on plain switch chips alone, so it will never be available on this class of devices.
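
Added example, not part of the original posts and not MikroTik code: a small Python model of the two-rule ordering described above, useful for checking a rule list before entering it in the ACL tab. It assumes first-match evaluation (implied by "in the following order"), that a frame matching no rule is switched normally, and uses a constructed third MAC address for testing.

```python
# Simplified model of an ordered MAC ACL. Assumption: the first matching rule wins.
from dataclasses import dataclass
from typing import Optional

SRC = "cc:ef:48:87:05:cb"      # restricted host (from the thread)
ALLOWED = "00:22:4d:4b:49:6f"  # the only permitted destination (from the thread)

@dataclass(frozen=True)
class Rule:
    mac_src: Optional[str]   # None = field left blank, matches any address
    mac_dst: Optional[str]
    redirect: frozenset      # "redirect to" ports; empty set = drop

    def matches(self, src, dst):
        return (self.mac_src in (None, src.lower())
                and self.mac_dst in (None, dst.lower()))

def evaluate(rules, src, dst, normal_ports):
    """Return the output ports for a frame; an empty set means dropped."""
    for rule in rules:
        if rule.matches(src, dst):
            return set(rule.redirect)
    return set(normal_ports)  # no ACL hit: normal switching (model assumption)

RULES = [
    Rule(SRC, ALLOWED, frozenset({1, 2, 4, 5})),  # rule 1: allow the one destination
    Rule(SRC, None, frozenset()),                 # rule 2: everything else from SRC: drop
]

def check_policy(rules):
    """Run constructed sample frames through the rule list."""
    other = "00:11:22:33:44:55"   # constructed MAC, not from the thread
    bcast = "ff:ff:ff:ff:ff:ff"
    return {
        "allowed": evaluate(rules, SRC, ALLOWED, {2}),
        "other": evaluate(rules, SRC, other, {4}),
        "broadcast": evaluate(rules, SRC, bcast, {1, 2, 4, 5}),
        "unrelated_src": evaluate(rules, other, ALLOWED, {2}),
    }

if __name__ == "__main__":
    for name, ports in check_policy(RULES).items():
        print(name, sorted(ports) or "DROP")
    # Swapping the rules makes the catch-all match first and drops everything.
    print("reversed:", sorted(check_policy(RULES[::-1])["allowed"]) or "DROP")
```

In this model, broadcast frames from the restricted host (ARP requests, for example) also fall through to rule 2 and are dropped, so the host can only reach the allowed destination if address resolution does not depend on them.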