Hello all,
I would appreciate if there was a method do dynamically add firewall rules to allow UPnP communication or allow packet/connection marking for packet that goes through dst-nat created by UPnP.
Thanks
Deleted because not related.
Hi,
not really, I wanted to add dynamic rules or marks to filter out the traffic that was NOT initiated from “internal” interface.
My understanding is that for UPnP to work properly, there has to be a forward rule defined. I wanted Mikrotik box to filter out traffic that doesn’t have coresponding UPnP session instead of general rule that allows forwarding anything.
UPnP sessions expire and the rule is added/removed automatically.
Works great on my XBOX360.
NAT rule is added dynamically, not firewall rule… at least my box doesn’t do that.
I also do not see a firewall rule being created, only the dst-nat rule which is not sufficient. Am I missing something?