Hi everyone
I had a problem with mikrotik firewall.
I want to drop windows update using ip - firewall - filter. the problem is if i accept established and related connection at the top firewall rules, "Drop windows update" rules not work. nut if I put them at the top they work nice!
this is my configuration. anything I missed?
# model = 2011UiAS-2HnD
/ip firewall filter
add action=accept chain=forward comment=established connection-state= established,related
add action=accept chain=input comment=established connection-state= established,related
add action=drop chain=forward comment=invalid connection-state=invalid disabled=yes
add action=drop chain=input comment=invalid connection-state=invalid
add action=drop chain=forward comment="windown update" content= update.microsoft.com
add action=drop chain=forward comment="windown update" content= download.microsoft.com
add action=drop chain=forward comment="windown update" content= ntservicepack.microsoft.com
add action=drop chain=forward comment="windown update" content= stats.microsoft.com
add action=drop chain=forward comment="windown update" content= windowsupdate.microsoft.com
add action=drop chain=forward comment="windown update" content= download.windowsupdate.com
add action=drop chain=forward comment="windown update" content= windowsupdate.com
add action=drop chain=forward comment="windown update" content= wustat.windows.com
and also when "add action=drop chain=forward comment=invalid connection-state=invalid " is active my branch office couldn't connect and ping my LAN !!? (our office : 192.168.40.0/24 & Branch Office : 192.168.41.0/24 )
Thank you all.