Community discussions

MikroTik App
 
User avatar
acald3ron
just joined
Topic Author
Posts: 18
Joined: Tue Jan 06, 2015 8:26 am
Location: Rosarito, México
Contact:

wiki firewall update

Thu Feb 25, 2016 5:04 am

i got some firewall filters that i add from the wiki:

http://wiki.mikrotik.com/wiki/Securing_your_router
/ ip firewall filter
add chain=input connection-state=established comment="Accept established connections"
add chain=input connection-state=related comment="Accept related connections"
add chain=input connection-state=invalid action=drop comment="Drop invalid connections" 
add chain=input protocol=udp action=accept comment="UDP" disabled=no 
[b]add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings" [/b]
add chain=input protocol=icmp action=drop comment="Drop excess pings" 
add chain=input protocol=tcp dst-port=22 comment="SSH for secure shell"
add chain=input protocol=tcp dst-port=8291 comment="winbox" 
# Edit these rules to reflect your actual IP addresses! # 
add chain=input src-address=159.148.172.192/28 comment="From Mikrotikls network" 
add chain=input src-address=10.0.0.0/8 comment="From our private LAN"
# End of Edit #
add chain=input action=log log-prefix="DROP INPUT" comment="Log everything else"
add chain=input action=drop comment="Drop everything else"
i got a error in the line icmp: "/ip firewall filter> add chain=input protocol=ic
mp limit=50/5s,2 comment="Allow limited pings"
expected : (line 1 column 44)"
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1769
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: wiki firewall update

Thu Feb 25, 2016 6:15 am

i think
add chain=input limit=10,0:packet protocol=icmp
has similar results
 
User avatar
karlisi
Member Candidate
Member Candidate
Posts: 285
Joined: Mon May 31, 2004 8:09 am
Location: Latvia

Re: wiki firewall update

Thu Feb 25, 2016 10:40 am

i got some firewall filters that i add from the wiki:

http://wiki.mikrotik.com/wiki/Securing_your_router

i got a error in the line icmp: "/ip firewall filter> add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings"
expected : (line 1 column 44)"
Have You copy/paste the script from that wiki? Just in case - try to overwrite manually the comma in 50/5s,2.
---
Karlis

Who is online

Users browsing this forum: anav, Baidu [Spider], complex1, Google [Bot], rezagolshan and 111 guests