Code: Select all
:set wanip [/ip address get [/ip address find interface=ether1] address]
Code: Select all
/ip firewall address-list add list=wan_ip address=$wanip
I have in mind to use it with a nat rule, so people can browse the web server behind nat using the Public IP address. I want to get rid of one DNS server to simplify everything.
Here is the rules that made it possible to browse a web server behind nat using the Public IP address (frequently asked by many people in this forum). This feature has many names, for example: Nat Loopback, Nat Reflection, or Nat Bouncing.
Code: Select all
/ ip firewall nat
add chain=dstnat dst-address=<Public_IP_address> protocol=tcp dst-port=80 action=dst-nat to-addresses=<Web_Server_IP_address> \
to-ports=0-65535 comment="" disabled=no
Code: Select all
/ ip firewall nat
add chain=srcnat dst-address=<Web_Server_IP_address> protocol=tcp dst-port=80 action=src-nat to-addresses=<Router_Internal_IP_address> \
to-ports=0-65535 comment="" disabled=no