Community discussions

MUM Europe 2020
 
usman123
newbie
Topic Author
Posts: 33
Joined: Mon May 16, 2016 4:15 pm

Need Help Regarding Firewall Rules

Tue Dec 19, 2017 7:55 am

Hi,
Need some help regarding some basics firewall rules,i have block following things in my network.
1.Block Mac Discovey in my LAN,Allow only specific ip
2.Block traceroute in my LAN,Allow only specific ip
3.Block Ping in my LAN,Allow only specific ip
4.Block WEB FIG in my LAN.
5.Block ADSL Page in my LAN.
 
p3rad0x
Long time Member
Long time Member
Posts: 604
Joined: Fri Sep 18, 2015 5:42 pm
Location: South Africa
Contact:

Re: Need Help Regarding Firewall Rules

Wed Jan 03, 2018 3:05 pm

Hi,

1. Do you mean mac discovery like what you see in winbox when going to neighbors?
2. Blocking ping/trace route
/ip firewall filter add chain=forward src-address=![your allowed IP] protocol=icmp action=drop
This should drop all ICMP packets except ones from the allowed address, this will only work if a client tries and ping a ip in a different subnet. If you want to drop it on layer2 you will need bridge
firewall rules
3. Web fig goto ip --> services and only set the allowed ip next to port 80 and 443
4. If you mean the adsl page like in your default gateway add a firewall rule that drops port 80 with the lan subnet as src and default gateway as dst
There you go then you touched something ;-) : it only takes a change in wind direction to screw with your nat :-)

Who is online

Users browsing this forum: No registered users and 38 guests