Community discussions

MikroTik App
 
martysm
just joined
Topic Author
Posts: 3
Joined: Sun Jul 10, 2022 9:36 pm

Is drop/fwd multiple MACs in one rule possible/advisable?

Mon Dec 04, 2023 10:53 pm

I have a Hex on 7.12.1 and I have set a rule to protect a device from contacting, or being contacted by, it's mfgr:
add action=drop chain=forward comment="block SlingBox from internet" log-prefix="SB ESC ATMT" src-mac-address=00:13:B6:0F:99:8F
It seems to have worked bc if I set logging, it seems to try to call home about every 30 seconds or so but it's blocked(and my device has yet to be bricked). So it works well.

Now, I have set up a wireguard VPN and closed all my other open ports. I access a bunch of IPCams via wireguard now. All is good. Works great.

I want to similarly block all these cams from calling home. Is it possible to do this in the one rule above or one copy of it? The winbox GUI doesn't seem to encourage doing this as there is only one Src MAC address field. I've got 6 cams. What is best practice? 6 separate rules? Can you delimit a list in the SrcMAC entry with commas? Can you create a list file and reference that? Something else that's better?

I'm new to Mikrotik.and I've experienced a few really painful "learning opportunities". I am really happy with what I've built and I don't want to screw it up. This is the first question I haven't been able to search up an answer to.

Thanks much.

Who is online

Users browsing this forum: Ahrefs [Bot] and 15 guests