my port forwarding for the FTP server suddenly stopped working (I am not sure if there was some FW update) - I checked the Firewall/NAT configuration and it looked OK to me (the local IP of my FTP server changed recently to 192.168.16.66 and so was wrong in the config, but I fixed it)
here is my current config
Code: Select all
/ip firewall nat
add action=accept chain=dstnat comment="Bypass DNAT for NordicACLforMGMT" src-address-list=NordicACLforMGMT
add action=masquerade chain=srcnat comment="Masquerade outgoing traffic" out-interface=wlan1
add action=masquerade chain=srcnat comment="Masquerade MyLAN to Pinholes (via routing mark)" out-interface=ether1 routing-mark=MyExtIP src-address-list=MyLAN
add action=jump chain=dstnat comment="DNAT from WAN" in-interface=wlan1 jump-target=PinholeDNAT
add action=jump chain=dstnat comment="Externaly DNATed IP Pinholes" dst-address-list=VerejnaIP in-interface=!wlan1 jump-target=PinholeDNAT
add action=jump chain=dstnat comment="WAN IP Pinholes" dst-address-list=MyExtIP in-interface=!wlan1 jump-target=PinholeDNAT
add action=redirect chain=dstnat comment="Redirect Externaly DNATed IP" dst-address-list=VerejnaIP in-interface=!wlan1
add action=dst-nat chain=PinholeDNAT comment="DMZ example: TCP 8888 incoming traffic from Internet to PC 192.168.16.10 HTTP port" disabled=yes dst-port=8888 protocol=tcp to-addresses=192.168.16.10 to-ports=80
add action=dst-nat chain=PinholeDNAT dst-port=21 protocol=tcp to-addresses=192.168.16.66 to-ports=21
add action=dst-nat chain=PinholeDNAT dst-port=28900 protocol=tcp to-addresses=192.168.16.66
add action=dst-nat chain=PinholeDNAT dst-port=28900 protocol=udp to-addresses=192.168.16.126
add action=dst-nat chain=PinholeDNAT dst-port=27015 protocol=tcp to-addresses=192.168.16.66
add action=dst-nat chain=PinholeDNAT dst-port=27015 protocol=udp to-addresses=192.168.16.66