How to get the public address from interfaces that have several more private networks on MikroTik?

N

nimbo2017-04-12 16:47:00

Mikrotik

nimbo, 2017-04-12 16:47:00

there is a goal to make a script that would automatically configure the firewall filter for the office.
mikrotik is configured on one of the public ports (/30), on the same interface and on neighboring ones there can be addresses from 10.0.0.0/8, 192.168.0.0/16, 172.0.0.0/8.
Accordingly, I would like three firewall rules to appear when the script is executed - allow port 1701 udp and icmp to the public that hangs on our microte (from /30 ) and prohibit all other traffic on the input chain.
the problem is that I can't get this very /30 IP out of all the private IPs.
ps: it is impossible to guess on which interface the public will be hung, as the hand of a local engineer will fall. I didn’t come up with this, this is the design that has historically developed.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

P

Pavel Weiss, 2017-04-20
@FarSeerMellon

/ip firewall address-list
add address=10.0.0.0/8 list=white_list
add address=192.168.0.0/16 list=white_list
add address=172.0.0.0/8 list=white_list
/ip firewall filter
add action=drop chain=input src-address-list=!white_list
If I understand the vehicle correctly, then so.

N

Nicholas, 2017-04-21
@URL

Maybe such a crutch will do)
/tool fetch url=" myip.dnsomatic.com " mode=http dst-path=publicip.txt
:global ip [/file get publicip.txt contents]