Differences

This shows you the differences between two versions of the page.

--- networking:router:mikrotik_fw [2022/07/22 09:43]
gcooper
+++ networking:router:mikrotik_fw [2022/07/22 10:06] (current)
gcooper
@@ Line 1: / Line 1: @@
 ====== Mikrotik RouterOS Firewall ======
-FIXME Need evaluate these scripts:
-**Free**: https://rickfreyconsulting.com/rfc-mikrotik-firewall-6-1-for-ipv4-free-version/
-**Lite Free**: https://rickfreyconsulting.com/rick-freys-basic-mikrotik-firewall-rev-6-1-for-ipv4-lite-edition-3/
-http://wiki.mikrotik.com/wiki/Protecting_your_customers
 ===== Denial of Service =====
@@ Line 33: / Line 25: @@
 ===== Destination NAT (Port Forwarding) Examples =====
-:!: "Destination NAT" is often called "Port Forwarding".
+:!: ''Destination NAT'' is often called ''Port Forwarding''.
-:!: With Mikrotik RouterOS, you don't have to add a separate firewall rule for forwarded ports.
+:!: With Mikrotik RouterOS, you do not add an explicit ''accept'' firewall rule for forwarded ports as ''accept'' is implied.
 <file>
@@ Line 54: / Line 46: @@
 http://forum.mikrotik.com/viewtopic.php?f=2&t=11368
-Normal 'masquerade' source NAT uses the address of the outbound interface as the external IP:
+Normal ''masquerade'' source NAT uses the address of the outbound interface as the external IP:
 <file>
 /ip firewall nat
+add action=masquerade chain=srcnat comment="Masquerade (NAT) - Last NAT Rule" out-interface=ether1
-add action=masquerade chain=srcnat comment="Masquerade (NAT)" out-interface=ether1
 </file>
@@ Line 83: / Line 74: @@
 ===== Basic Firewall =====
+FIXME This basic firewall script needs modernization, probably based on the newer default Mikrotik firewall.
 Firewall/Router: http://gregsowell.com/?p=4013

Virtual Architects Support Wiki

User Tools

Site Tools

Differences

Page Tools