I'm running RouterOS 7.3.1 on an RB5009.
I have 2 DNS servers at home and I want to log the DNS requests from all the IP addresses except those two servers. In the firewall, I have created the following two rules:
```
/ip firewall filter
add action=accept chain=forward dst-port=53 log=yes log-prefix=_dns2 out-interface=vlan1609-spf1-ptp-dvblab protocol=udp \
    src-address=!192.168.69.2
add action=accept chain=forward dst-port=53 log=yes log-prefix=_dns3 out-interface=vlan1609-spf1-ptp-dvblab protocol=udp \
    src-address=!192.168.69.3
```
```
11:07:56 firewall,info _dns3 forward: in:vlan69-data out:vlan1609-spf1-ptp-dvblab, src-mac 6e:dd:5f:40:06:68, proto UDP, 192.168.69.2:55996->8.8.8.8:53, len 71
11:07:56 firewall,info _dns3 forward: in:vlan69-data out:vlan1609-spf1-ptp-dvblab, src-mac 6e:dd:5f:40:06:68, proto UDP, 192.168.69.2:51263->9.9.9.9:53, len 71
11:09:57 firewall,info _dns3 forward: in:vlan69-data out:vlan1609-spf1-ptp-dvblab, src-mac 6e:dd:5f:40:06:68, proto UDP, 192.168.69.2:27622->8.8.8.8:53, len 71
11:09:57 firewall,info _dns3 forward: in:vlan69-data out:vlan1609-spf1-ptp-dvblab, src-mac 6e:dd:5f:40:06:68, proto UDP, 192.168.69.2:27373->9.9.9.9:53, len 71
```
Thanks in advance.
Regards
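
An added example, not part of the original post: a small model of first-match rule evaluation showing why a packet from 192.168.69.2 falls through the first rule and is logged by the second with prefix `_dns3`, and how one rule that negates an address list excludes both servers. The list name `dns-servers`, the `_dns` prefix and the client 192.168.69.50 are assumptions; the model assumes the protocol, port and interface matchers already match.

```python
from ipaddress import ip_address

# RouterOS walks filter rules top to bottom; with action=accept the first
# rule whose matchers all match ends evaluation (and logs, if log=yes).

def not_src(addr):
    """Matcher for src-address=!addr."""
    excluded = ip_address(addr)
    return lambda src: src != excluded

def not_in_list(addrs):
    """Matcher for src-address-list=!<list> with the given members."""
    members = {ip_address(a) for a in addrs}
    return lambda src: src not in members

# The two rules from the post, in order.
POSTED_RULES = [("_dns2", not_src("192.168.69.2")),
                ("_dns3", not_src("192.168.69.3"))]

# Assumed alternative: put both servers in one address list (hypothetical
# name "dns-servers") and use a single rule with
# src-address-list=!dns-servers and an assumed prefix "_dns".
FIXED_RULES = [("_dns", not_in_list(["192.168.69.2", "192.168.69.3"]))]

def logged_by(rules, src):
    """Return the log prefix of the first matching rule, or None."""
    src = ip_address(src)
    for prefix, matches in rules:
        if matches(src):
            return prefix
    return None

def parse_src(log_line):
    """Extract the source IP from a 'proto UDP, a.b.c.d:port->...' line."""
    flow = log_line.split("proto UDP, ")[1]
    return flow.split(":")[0]

# First log line from the post.
SAMPLE = ("11:07:56 firewall,info _dns3 forward: in:vlan69-data "
          "out:vlan1609-spf1-ptp-dvblab, src-mac 6e:dd:5f:40:06:68, "
          "proto UDP, 192.168.69.2:55996->8.8.8.8:53, len 71")

if __name__ == "__main__":
    # 192.168.69.50 is a constructed client address.
    for src in (parse_src(SAMPLE), "192.168.69.3", "192.168.69.50"):
        print(src, logged_by(POSTED_RULES, src), logged_by(FIXED_RULES, src))
```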