Is there any way to secure BtestServer running on Mikrotik so it can be acessed without general rules:
Code: Select all
add action=accept chain=input comment="BTEST " protocol=tcp
add action=accept chain=input comment="BTEST " protocol=udpHow to secure BtestServer?
Hi,
Is there any way to secure BtestServer running on Mikrotik so it can be acessed without general rules:
Without those rules firewall on device doesn't allow connection to device with Btest client from WAN. I know that i can add certain IP in src. adress but then i cannot test from more locations and i have to change this ip for every test from different location.
Is there any way to secure BtestServer running on Mikrotik so it can be acessed without general rules:
Re: How to secure BtestServer?
with this two rule you destroy all firewall security
Re: How to secure BtestServer?
extremely basic
Code: Select all
/ip firewall filter
#===accept===
add action=accept chain=input dst-port=2000-2100 protocol=udp src-address-list=lan
add action=accept chain=input dst-port=2000-2100 protocol=tcp src-address-list=lan
#===drop===
add action=drop chain=input dst-port=2000-2100 protocol=tcp
add action=drop chain=input dst-port=2000-2100 protocol=udp
/ip firewall address-list add list=lan address=192.168.x.0/24Re: How to secure BtestServer?
I know that, that is why i'm asking. I will try the rules above.with this two rule you destroy all firewall security
Re: How to secure BtestServer?
If i understand correctly, this only allows btest from 192.168.x.0/24 ?extremely basic
Code: Select all/ip firewall filter #===accept=== add action=accept chain=input dst-port=2000-2100 protocol=udp src-address-list=lan add action=accept chain=input dst-port=2000-2100 protocol=tcp src-address-list=lan #===drop=== add action=drop chain=input dst-port=2000-2100 protocol=tcp add action=drop chain=input dst-port=2000-2100 protocol=udp /ip firewall address-list add list=lan address=192.168.x.0/24