Community discussions

MikroTik App
 
irbk
just joined
Topic Author
Posts: 5
Joined: Fri Oct 15, 2021 5:41 pm

Standardize Firewall Rules

Fri Oct 15, 2021 5:48 pm

Hello Forum,
I'm a brand new MikroTik administrator. I come from the world of Cisco but my new job is running MikroTik, so I'm doing my best to learn. We've got about 60+ sites running at least 1 MikroTik (and it some cases multiples) router. One of the big problems this place has is the standardization of firewall rules. What I'd love to be able to to is take a set of rules from 1 of the sites and copy/paste that set of rules to all my other sites.... while not breaking anything. Is there an easier way than manually going through all 60+ router configs and adding each rule line by line?

Thanks in advance.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19107
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Standardize Firewall Rules

Tue Oct 19, 2021 10:15 pm

viewtopic.php?t=152564

Check out DUDE

Zerotier?

Scripts?

I have seen this type of topic discussed many times....................
 
mada3k
Long time Member
Long time Member
Posts: 687
Joined: Mon Jul 13, 2015 10:53 am
Location: Sweden

Re: Standardize Firewall Rules

Tue Oct 19, 2021 10:23 pm

We use Ansible for standardize configuration on our devices. Unimus is another intresting tool for manage many devices.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19107
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Standardize Firewall Rules

Tue Oct 19, 2021 11:27 pm

 
irbk
just joined
Topic Author
Posts: 5
Joined: Fri Oct 15, 2021 5:41 pm

Re: Standardize Firewall Rules

Thu Oct 28, 2021 10:13 pm

viewtopic.php?t=152564

Check out DUDE

Zerotier?

Scripts?

I have seen this type of topic discussed many times....................
Yeah, I'd love to be able to script stuff. AAMOF I've posted in another form trying to find a good tutorial for scripting the mikrotik. I don't even know where to start. I've looked at the MikroTik documentation which I'm not finding helpful. I need an entry level "how to" on MikroTik scripting. Everything that I'm finding on Scripting is WAY over my head. If you've got a good youtube tutorial that you can point me to, I'd gladly take a good at it.
 
timotei
just joined
Posts: 23
Joined: Sun Oct 10, 2010 1:25 pm

Re: Standardize Firewall Rules

Fri Oct 29, 2021 8:21 pm

I will stick my head out and give advice without proper own testing, just based on two links:

viewtopic.php?t=39126
https://sleeplessbeastie.eu/2011/06/30/ ... e-command/

First make ready one router with all the proper rules
Then export to file: ip firewall export file=name
And download the file (name.src) to local computer
Edit the exported and downloaded file by adding one line at the top: /ip firewall filter remove [/ip firewall filter find]
Upload the edited file to new router and import it: /import name.src

This should delete all old firewall rules and put in the rules from first router.
Not tested by me, must be tested with your firewall rules and probably only used on site and with caution!
Also possible to skip the deleting of old firewall, and just add your new ones at the bottom of old firewall. Then manual edit to place the new rules in among old rules and delete duplicates.

Who is online

Users browsing this forum: No registered users and 31 guests