Community discussions

MikroTik App
 
User avatar
Kentzo
Member Candidate
Member Candidate
Topic Author
Posts: 126
Joined: Mon Jan 27, 2014 3:35 pm

What interface represents Router in firewall's input chain?

Tue Jan 18, 2022 9:49 pm

For a certain firewall rule in the input chain I'd like to allow only some VLANs and router itself, but cannot figure out what interface represents router here.

I have tried to add a generic action=passthrough rule with a log and then use the ping tool on the router to its own local address, but RouterOS logs "in:(unknown 1) out:(unknown 0)".
Syntax highlighting and completions for the Mikrotik scripting language in Sublime Text.
Available via Package Control.
 
Sob
Forum Guru
Forum Guru
Posts: 8191
Joined: Mon Apr 20, 2009 9:11 pm

Re: What interface represents Router in firewall's input chain?

Tue Jan 18, 2022 9:53 pm

None you can see. We all know there's loopback interface, but MikroTik keeps it hidden from users. I think it's wrong, but that's the way it currently is.
Come on people, do you really have to quote full posts? It's annoying and in most cases useless.
 
User avatar
Kentzo
Member Candidate
Member Candidate
Topic Author
Posts: 126
Joined: Mon Jan 27, 2014 3:35 pm

Re: What interface represents Router in firewall's input chain?

Tue Jan 18, 2022 10:21 pm

Am I understanding right that it's impossible to have a firewall rule in the input chain that accepts only from the loopback interface?
Syntax highlighting and completions for the Mikrotik scripting language in Sublime Text.
Available via Package Control.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8377
Joined: Mon Jun 08, 2015 12:09 pm

Re: What interface represents Router in firewall's input chain?  [SOLVED]

Tue Jan 18, 2022 10:26 pm

Alternatively you can check for a source address of Src.Address.Type "local".
Of course it is not really the same.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 11773
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: What interface represents Router in firewall's input chain?

Tue Jan 18, 2022 10:41 pm

What is the user requirement,,,,,,,,,,,,,, practical need to enable functionality that provides some service ?
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
User avatar
Kentzo
Member Candidate
Member Candidate
Topic Author
Posts: 126
Joined: Mon Jan 27, 2014 3:35 pm

Re: What interface represents Router in firewall's input chain?

Wed Jan 19, 2022 3:44 am

Better diagnostics (firewall's log/passthrough, sniffer, etc).
Syntax highlighting and completions for the Mikrotik scripting language in Sublime Text.
Available via Package Control.
 
User avatar
k6ccc
Forum Veteran
Forum Veteran
Posts: 915
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: What interface represents Router in firewall's input chain?

Wed Jan 19, 2022 9:37 pm

What are you trying to accomplish? You want to firewall packets from the router to itself?
RB4011iGS+, RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission

Warning: I know enough to be dangerous...

Jim

Who is online

Users browsing this forum: No registered users and 12 guests