Community discussions

MikroTik App
 
merdenoms
just joined
Topic Author
Posts: 9
Joined: Mon May 28, 2018 8:51 am

Allow sending e-mail through Gmail smtp but block everything else

Sat Jan 05, 2019 11:06 pm

I have a rule in my firewall that blocks any external access for an IP cam under the IP 192.168.1.10

I am using the GUI but my firewall rule will be something such as:
/ip firewall filter add action=drop chain=forward src-address=192.168.1.10

There is an option on the IP cam GUI that allows me to send an e-mail alert via Gmail SMTP.
It connects using my Gmail credentials to smtp.gmail.com on port 465.

How can I allow 192.168.1.10 to send an e-mail via Gmail SMTP?
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18959
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Allow sending e-mail through Gmail smtp but block everything else

Sat Jan 05, 2019 11:42 pm

Well, I use explicit drop rule at the end of my forward chain so If I dont allow specific traffic it is always dropped - easy and secure.
Assuming you want this traffic to go out to the internet.
Thus for me it simply be a matter of.........
/ip firewall filter
add action=accept chain=forward src-address=192.168.1.10 protocol=tcp destination port=465 out-interface=WAN


If you do not use a drop all else rule in your setup then you could do it two ways.
one, an allow rule followed by a drop rule
Two, a combined rule.

1
/ip firewall filter
add action=accept chain=forward src-address=192.168.1.10 protocol=tcp destination port=465 out-interface=WAN
add action=drop chain=forward src-address=192.168.1.10 out-interface=WAN

2
/ip firewall filter
add action=drop chain=forward src-address=192.168.1.10 protocol=tcp destination port=!465 out-interface=WAN

(the filter will drop all traffic from the web cam, headed out the wan to all ports except port 465)
 
merdenoms
just joined
Topic Author
Posts: 9
Joined: Mon May 28, 2018 8:51 am

Re: Allow sending e-mail through Gmail smtp but block everything else

Sun Jan 06, 2019 12:02 am

Thank you. That works for me.

I was trying something similar but was off by one option.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 2098
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Krugersdorp (Home town of Brad Binder)
Contact:

Re: Allow sending e-mail through Gmail smtp but block everything else

Sun Jan 06, 2019 12:28 am

below is rules i use to allow mails to / from gmail.
#first create address list
/ip firewall address-list
add address=smtp.gmail.com list=Gmail-SMTP

/ip firewall filter
add action=accept chain=forward comment="G-Mail SMTP" dst-address-list=Gmail-SMTP dst-port=587 out-interface-list=WAN protocol=tcp src-address=<internal device>
add action=accept chain=forward comment="G-Mail SMTP" dst-address=<internal device> in-interface-list=WAN protocol=tcp src-address-list=Gmail-SMTP src-port=587
Please the firewall filter rules above drop rules

Who is online

Users browsing this forum: Bing [Bot], SMARTNETTT and 31 guests