Code: Select all
/interface bridge add name=bridge1
/ip pool
add name=dhcp_pool1 ranges=10.0.0.2-10.0.0.254
/ip dhcp-server add address-pool=dhcp_pool1 interface=bridge1 name=dhcp1
/interface bridge port add bridge=bridge1 interface=ether2
/ip address add address=10.0.0.1/24 interface=bridge1 network=10.0.0.0
/ip dhcp-client add interface=ether1
/ip dhcp-server network add address=10.0.0.0/24 gateway=10.0.0.1 netmask=24
/ip firewall address-list add address=1.1.1.1 list=Whitelist
add address=google.com list=Whitelist
/ip firewall filter
add action=accept chain=forward dst-address-list=Whitelist log=yes log-prefix=\
"Allowed forward"
add action=drop chain=forward log=yes log-prefix=\
"Dropped forward"
/ip firewall nat
add action=masquerade chain=srcnat
Code: Select all
Allowed forward forward: in:bridge1 out:ether1, connection-state:new src-mac 00:50:79:66:68:03, proto ICMP (type 8, code 0), 10.0.0.254->1.1.1.1, len 84
Dropped forward forward: in:ether1 out:bridge1, connection-state:established,snat src-mac 00:50:56:e7:e4:3c, proto ICMP (type 0, code 0), 1.1.1.1->10.0.0.254, NAT 1.1.1.1->(192.168.41.130->10.0.0.254), len 84