Why is the counter at zero in a firewall rule?

Hi again from Germany,

I have a little problem. I have 2 SDSL modems and 2 servers in my private network.
The RB750 runs fine, but I have an entry where the counter is 0 and I do not understand why.

Here is the config:

[admin@MikroTik] /ip firewall filter> export
# mar/04/2011 15:34:53 by RouterOS 4.16
# software id = xxxx-yyyy
#
/ip firewall filter
add action=drop chain=input comment="Drop invalid packets" connection-state=invalid disabled=no in-interface=ether1-TDSL
add action=drop chain=input comment="" connection-state=invalid disabled=no in-interface=ether2-QSC1
add action=drop chain=input comment="" connection-state=invalid disabled=no in-interface=ether3-QSC2
add action=accept chain=input comment="default configuration" disabled=no in-interface=ether1-TDSL
add action=accept chain=input comment="" disabled=yes in-interface=ether2-QSC1
add action=log chain="log and drop" comment="Drop Networks from China, Amazon etc." disabled=no log-prefix="" src-address-list=block
add action=drop chain="log and drop" comment="" disabled=no src-address-list=block
add action=jump chain=forward comment="" disabled=no jump-target="log and drop" src-address-list=block
add action=accept chain=forward comment="Allowed for Portforwarding" disabled=no dst-port=80 in-interface=ether2-QSC1 protocol=tcp
add action=accept chain=forward comment="" disabled=no dst-port=1433 in-interface=ether2-QSC1 protocol=tcp
add action=accept chain=forward comment="" disabled=no dst-port=80 in-interface=ether3-QSC2 protocol=tcp
add action=log chain="log and drop" comment="Drop the rest on QSC1" disabled=no in-interface=ether2-QSC1 log-prefix=""
add action=drop chain="log and drop" comment="" disabled=no in-interface=ether2-QSC1
add action=jump chain=forward comment="" disabled=no in-interface=ether2-QSC1 jump-target="log and drop"
add action=log chain="log and drop" comment="Drop the rest on QSC2" disabled=no in-interface=ether3-QSC2 log-prefix=""
add action=drop chain="log and drop" comment="" disabled=no in-interface=ether3-QSC2
add action=jump chain=forward comment="" disabled=no in-interface=ether3-QSC2 jump-target="log and drop"
[admin@MikroTik] /ip firewall filter>

Short description:

  1. All invalid packets are dropped
  2. All networks in my address list must be dropped (China, Amazon, servers that grab websites, etc.)
  3. Accept port forwarding for ports 80 and 1433 (MSSQL) (I have the entries in firewall/NAT and they run fine)
  4. Drop the rest on ether2 (QSC1) and ether3 (QSC2)

But I see no dropped packets in my log, and print stats shows me this:

Flags: X - disabled, I - invalid, D - dynamic
 #   CHAIN          ACTION   BYTES      PACKETS
 0   ;;; Drop invalid packets
     input          drop     240        6
 1   input          drop     84         2
 2   input          drop     124        3
 3   ;;; default configuration
     input          accept   7340       68
 4 X input          accept   0          0
 5   ;;; Drop Networks from China, Amazon etc.
     log and drop   log      94200      1570
 6   log and drop   drop     94200      1570
 7   forward        jump     94200      1570
 8   ;;; Allowed for Portforwarding
     forward        accept   1052058    12083
 9   forward        accept   378287     2913
10   forward        accept   921469     10446
11   ;;; Drop the rest on QSC1
     log and drop   log      0          0
12   log and drop   drop     0          0
13   forward        jump     0          0
14   ;;; Drop the rest on QSC2
     log and drop   log      0          0
15   log and drop   drop     0          0
16   forward        jump     0          0
[admin@MikroTik] /ip firewall filter>

If I look in Winbox/Interfaces and click the “Torch” button on ether2-QSC1, I sometimes see a machine on the internet trying to access port 25, port 443 and so on. But the counter does not count and I see nothing in the logs.
Where is my mistake?

Hope someone can help me :)

Best regards
Andy
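
An added sketch, not part of the original post, that models how the exported rule set is traversed: a packet arriving on a WAN port reaches the forward chain only if a dst-nat rule rewrites it toward a LAN host; otherwise it is addressed to the router itself and goes through the input chain. The `DSTNAT` set is an assumption built from the ports the post says are forwarded, and the packet fields (`in`, `port`, `blocked`, `invalid`) are names invented for this model.

```python
# Simplified model of RouterOS filter traversal for the export above (TCP only).
# Assumption: dst-nat exists only for the ports the post describes as forwarded.
DSTNAT = {("ether2-QSC1", 80), ("ether2-QSC1", 1433), ("ether3-QSC2", 80)}

# (number from "print stats", chain, action, match); disabled rule 4 is left out
RULES = [
    (0, "input", "drop", {"invalid": True, "in": "ether1-TDSL"}),
    (1, "input", "drop", {"invalid": True, "in": "ether2-QSC1"}),
    (2, "input", "drop", {"invalid": True, "in": "ether3-QSC2"}),
    (3, "input", "accept", {"in": "ether1-TDSL"}),
    (5, "log and drop", "log", {"blocked": True}),
    (6, "log and drop", "drop", {"blocked": True}),
    (7, "forward", "jump", {"blocked": True}),
    (8, "forward", "accept", {"in": "ether2-QSC1", "port": 80}),
    (9, "forward", "accept", {"in": "ether2-QSC1", "port": 1433}),
    (10, "forward", "accept", {"in": "ether3-QSC2", "port": 80}),
    (11, "log and drop", "log", {"in": "ether2-QSC1"}),
    (12, "log and drop", "drop", {"in": "ether2-QSC1"}),
    (13, "forward", "jump", {"in": "ether2-QSC1"}),
    (14, "log and drop", "log", {"in": "ether3-QSC2"}),
    (15, "log and drop", "drop", {"in": "ether3-QSC2"}),
    (16, "forward", "jump", {"in": "ether3-QSC2"}),
]

def run_chain(chain, pkt, hits):
    """Walk one chain in order; record every rule whose counter would increase."""
    for num, ch, action, match in RULES:
        if ch != chain or any(pkt.get(k) != v for k, v in match.items()):
            continue
        hits.append(num)
        if action in ("accept", "drop"):
            return action
        if action == "jump":  # every jump in this export targets "log and drop"
            verdict = run_chain("log and drop", pkt, hits)
            if verdict:
                return verdict
    return None  # end of chain reached without a verdict

def trace(pkt):
    """Return (built-in chain, rule numbers hit, final verdict) for a WAN packet."""
    chain = "forward" if (pkt["in"], pkt["port"]) in DSTNAT else "input"
    hits = []
    verdict = run_chain(chain, pkt, hits) or "accept"  # built-in chains default to accept
    return chain, hits, verdict
```

In this model a port 25 probe on ether2-QSC1 is traced through the input chain, matches no rule and is accepted by default, while the same packet pushed through the forward chain would hit rules 13, 11 and 12.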