Code: Select all
:global MySubnet [:put [/ip firewall nat get [find where dst-address="192.168.0.0/16"] src-address]]'
ip firewall address-list add address=192.168.0.0/16 list=BlockLAN'
ip firewall address-list add address=10.100.0.0/16 list=BlockLAN'
ip firewall filter add action=drop chain=input dst-address=$MySubnet protocol=icmp src-address=!10.100.0.100 src-address-list=BlockLAN place-before=0'
ip firewall filter add action=drop chain=forward dst-address=!10.100.0.100 dst-address-list=BlockLAN protocol=icmp src-address=$MySubnet place-before=0'
Is it possible?