Is there any way to secure BtestServer running on Mikrotik so it can be acessed without general rules:
Code: Select all
add action=accept chain=input comment="BTEST " protocol=tcp
add action=accept chain=input comment="BTEST " protocol=udp
add action=accept chain=input comment="BTEST " protocol=tcp
add action=accept chain=input comment="BTEST " protocol=udp
/ip firewall filter
#===accept===
add action=accept chain=input dst-port=2000-2100 protocol=udp src-address-list=lan
add action=accept chain=input dst-port=2000-2100 protocol=tcp src-address-list=lan
#===drop===
add action=drop chain=input dst-port=2000-2100 protocol=tcp
add action=drop chain=input dst-port=2000-2100 protocol=udp
/ip firewall address-list add list=lan address=192.168.x.0/24
I know that, that is why i'm asking. I will try the rules above.with this two rule you destroy all firewall security
If i understand correctly, this only allows btest from 192.168.x.0/24 ?extremely basic
Code: Select all/ip firewall filter #===accept=== add action=accept chain=input dst-port=2000-2100 protocol=udp src-address-list=lan add action=accept chain=input dst-port=2000-2100 protocol=tcp src-address-list=lan #===drop=== add action=drop chain=input dst-port=2000-2100 protocol=tcp add action=drop chain=input dst-port=2000-2100 protocol=udp /ip firewall address-list add list=lan address=192.168.x.0/24