Community discussions

MikroTik App
 
User avatar
mambotech
Member Candidate
Member Candidate
Topic Author
Posts: 112
Joined: Thu Jun 08, 2006 6:20 pm

Exclude ip address from firewall rules

Sat Oct 27, 2007 4:19 pm

Hi,

I want to exclude an ipaddress from some of my firewall rules but I am not sure how to do this.

Thanks Mark
 
jonashi
newbie
Posts: 45
Joined: Tue Feb 13, 2007 12:19 am
Location: Europe

Re: Exclude ip address from firewall rules

Sat Oct 27, 2007 5:22 pm

there are many ways. One of them is:
You can do it simply in winbox by check box by one click
ip->firewall->general ->add
in src address or dst addres (that depends on rule you are about to use) click on small box located on the left of address field, then appears exclamation mark (!) in there. This does mean that rule will work only with ip addressess whose do not satisfy that condition, in this specific case for example you want bypass the rule for a specific IP address lets say 10.0.0.1, then you should have that address in rule and exclamation mark before it in the box. That does mean IF IT IS NOT 10.0.0.1 THEN DO THE RULE. In case 10.0.0.1 rule is bypassed.
Hope that helps
Patrik
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8389
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Exclude ip address from firewall rules

Sat Oct 27, 2007 11:16 pm

or just add a rule on the top of chain, with address=<your_address> and action = accept
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
saintofinternet
Forum Veteran
Forum Veteran
Posts: 761
Joined: Thu Oct 15, 2009 3:52 am

Re: Exclude ip address from firewall rules

Tue Nov 19, 2013 2:13 pm

i have a similar problem

i have a firewall working with a WEB PROXY working at the same time. All traffic directed to port 6565. The IP Pool is 192.168.1.150-192.168.1.250

i also have a VPN where the IP pool is 10.10.1.1-10.10.1.20

now i just want to exclude all VPN users from the firewall and webproxy and allow them full access.

i just cannot figure out how to achieve this.
by professionals, for professionals....
Don't forget to give KARMA!!!
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8389
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Exclude ip address from firewall rules

Tue Nov 19, 2013 2:52 pm

just add a rule on the top of chain, with address=<your_address> and action = accept
both in Filter and NAT :)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
saintofinternet
Forum Veteran
Forum Veteran
Posts: 761
Joined: Thu Oct 15, 2009 3:52 am

Re: Exclude ip address from firewall rules

Sun Apr 27, 2014 5:30 am

thanx !!! :-)

actually adding the rule in the NAT table only worked...

the same rule in Firewall table does not make any difference...

sorry for the very late reply.
by professionals, for professionals....
Don't forget to give KARMA!!!

Who is online

Users browsing this forum: Google [Bot], yoliveras and 50 guests