[ask] bridging rule

larmaid · Tue Jan 16, 2007 7:03 pm

any tutorial about bridging rule.....???

larmaid · Wed Jan 17, 2007 12:07 pm

weks.......anyone

Wed Jan 17, 2007 1:46 pm

What kind of rules tutorial do you need ?
http://www.mikrotik.com/testdocs/ros/2. ... php#4.14.7

larmaid · Wed Jan 17, 2007 2:31 pm

wew finally....well i already read the bridge manual but that dont result anything........in bridge-filter does it same as firewall for bridging..??

Wed Jan 17, 2007 2:40 pm

Bridge firewall implements filtering for data from to or trough bridge.

larmaid · Wed Jan 17, 2007 3:06 pm

is that mean the same as firewall in ip-firewall...??

Wed Jan 17, 2007 3:08 pm

larmaid · Wed Jan 17, 2007 3:20 pm

well i try a simple rule in bridge-filter but it didnt work...??
the rule is like this :

interface: in interface-lan1
out interface-lan2

IP : src.address-192.168.10.0/24
dst.address-10.10.15.0/24

Action : drop

lan1 & lan2 is in the same bridge

larmaid · Wed Jan 17, 2007 6:34 pm

can anyone help...pliss

Thu Jan 18, 2007 8:41 am

Could you provide complete rule or export from 'interface bridge fiter' ?

larmaid · Mon Jan 22, 2007 6:02 am

interface-bridge-filter>add chain=forward in-interface=lan1 out-interface=lan2 src.address=192.168.10.0/24 dst.address=10.10.15.0/24 action=drop

note :
i got 4 ether and i bridge all

when i apply the rule the 192.168.10.0/24 still can connect to 10.10.15.0/24.....????
is something wrong with my rule.....if so please help......thx

larmaid · Tue Jan 23, 2007 6:20 am

hello.....need help pliss

sten · Tue Jan 23, 2007 8:30 pm

to filter traffic going *through* your bridge (going from one interface to another) you need to add rules to "forward" chain.
The input/output chains are reserved for traffic going *TO* or *FROM* your bridge, as in winbox and routed traffic.

larmaid · Mon Jan 29, 2007 6:24 pm

@sten can i delete the bridge (that connected all the ether) and set all the 4 ether with specified ip....with the same subnet..and i want all the 4 ether are connected?? i've try this one but all the 4 ether cannt connected!!!

sten · Tue Jan 30, 2007 12:58 am

what's your configuration?
and what do you want to achieve?

sky_16 · Tue Jan 30, 2007 5:43 am

larmaid · Tue Jan 30, 2007 6:57 pm

okay heres my configuration that i want to achive:

ether 1 - with ip = 10.10.1.1/255.255.0.0 (local) (reply only)
ether 2 - with ip = 10.10.2.1/255.255.0.0 (local)
ether 3 - with ip = 10.10.3.1/255.255.0.0 (local)
ether 4 - with ip = 202.165.x.x (global)

what i want to is all ether can connect each other without to creat a bridge.....!!!!!

thx

tneumann · Tue Jan 30, 2007 7:33 pm

ether 1 - with ip = 10.10.1.1/255.255.0.0 (local) (reply only)
ether 2 - with ip = 10.10.2.1/255.255.0.0 (local)
ether 3 - with ip = 10.10.3.1/255.255.0.0 (local)

Address overlap... they're all 10.10/16

what i want to is all ether can connect each other without to creat a bridge.....!!!!!

Well, if you do not create a bridge, then you'd have to route... but you can't because your network address ranges overlap. Sounds like you're stuck and need to rethink your network design.

--Tom

larmaid · Wed Jan 31, 2007 1:43 am

so that means i need to bridge, right??

sten · Wed Jan 31, 2007 8:28 pm

no

you have a fundamental flaw in your design

you need to apply correct subnet masks.

hint: correct subnet masks for the subnetting you chose is 255.255.255.0 but you need to find out how this affects your routing tables.

larmaid · Sat Feb 03, 2007 7:43 pm

i need to change my subnet for each ether......

sky_16 · Mon Feb 05, 2007 3:06 pm

larmaid...it's ur job to re-design the network

[ask] bridging rule

[ask] bridging rule

Who is online