E
E
elisey4742017-07-27 20:06:36
Mikrotik
elisey474, 2017-07-27 20:06:36

By default, without any rules, is everything allowed in the firewall of the Mikrotik router?

By default, without any rules, is everything allowed in the firewall of the Mikrotik router?
That is, without any prohibiting rules, the default router will let everyone through the WAN?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
V
Vladimir Zhurkin, 2017-07-27
@elisey474

All right. Without Firewall rules, all packets will be allowed.
Rules that come with a large number of ticks by default.
The only bridge-wan made for me, since the tick is used to forward the network over wifi.
Default is ether1.
by RouterOS 6.39.2

/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
connection-state=established,related
add action= drop chain=input comment="defconf: drop all from WAN" \
in-interface=bridge-wan
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid"\
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface=bridge-wan
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
out-interface=bridge-wan

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question