Answer the question
In order to leave comments, you need to log in
Is Filter Rules needed after Filter Nat??
In ip->nat I made forwarding from the external network
dstnat
protocol-tcp
dst. port - 3030
action - netmap
to adress - 192.168.10.30
to ports - 8080
Everything works as it should, do I need to add additional filters in Rules for security reasons??
Answer the question
In order to leave comments, you need to log in
there are no filters in nat. There are redirection rules
www.opennet.ru/docs/RUS/iptables - read how iptables works. Although the old version - the principles remain the same
Well, mikrotik in this place is just a wrapper over iptables;)
The general practice is not to use filtering in the NAT chain, but Mikrotik allows this.
In your case, everyone is allowed to connect to the port, you either restrict it in NAT or in Filter Rules - do filtering in the Forward chain, because Input is filtering traffic to the router, use Forward to filter NAT.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question