Community discussions

MUM Europe 2020
 
User avatar
astounding
Member Candidate
Member Candidate
Topic Author
Posts: 121
Joined: Tue Dec 16, 2008 12:17 am

Is there any way to... (firewall and bridge question)

Thu Jul 23, 2009 8:14 pm

Hi,

Is there any possible way to determine within a firewall chain the physical interface a packet entered IF that physical interface belongs to a bridge?

So far as I can tell by experimentation, this is impossible. The "in-interface" only matches the bridge interface.

Any ideas? Pointers?

Thanks!
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8319
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Is there any way to... (firewall and bridge question)

Thu Jul 23, 2009 11:14 pm

look at 'in-bridge-port' and 'out-bridge-port'

if not - check that /interface bridge settings set use-ip-firewall=yes
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
Fran66
newbie
Posts: 43
Joined: Fri Jan 21, 2005 8:10 pm
Location: Panama
Contact:

Re: Is there any way to... (firewall and bridge question)

Sat Dec 25, 2010 12:09 am

look at 'in-bridge-port' and 'out-bridge-port'

if not - check that /interface bridge settings set use-ip-firewall=yes
Those options for some reason doesn't work, can someone address this problem?
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8319
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Is there any way to... (firewall and bridge question)

Sat Dec 25, 2010 6:32 pm

what version of ROS do you use?
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.

Who is online

Users browsing this forum: MSN [Bot] and 112 guests