【RouterOS】——5 important default firewall rules
[i=s] 本帖最後由 角色 於 2013-3-9 21:12 編輯 [/i]为了学习RouterOS,我把所有default的rules都删去,但是为了大家有一个好好的参考,所以把那四条default rules刊登上来,那么有问题的时候都有一个参考:[code][admin@MikroTik] /ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; default configuration
chain=input action=accept protocol=icmp
1 ;;; default configuration
chain=input action=accept connection-state=established
2 ;;; default configuration
chain=input action=accept connection-state=related
3 ;;; default configuration
chain=input action=drop in-interface=sfp1-gateway
4 ;;; default configuration
chain=input action=drop in-interface=ether1-gateway
[admin@MikroTik] [/code] [i=s] 本帖最後由 bubblestar 於 2013-1-6 12:55 編輯 [/i]
Thanks for the information.
In case we have dual wan, I think we shall need to make an additional firewall rule after Number 4. Shall we?
Let's say,[code][admin@MikroTik] /ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; default configuration
chain=input action=accept protocol=icmp
1 ;;; default configuration
chain=input action=accept connection-state=established
2 ;;; default configuration
chain=input action=accept connection-state=related
3 ;;; default configuration
chain=input action=drop in-interface=sfp1-gateway
4 ;;; default configuration
chain=input action=drop in-interface=ether1-gateway
5 ;;; default configuration
chain=input action=drop in-interface=ether2-gateway
[admin@MikroTik] [/code] 剛買了 routeros 請問除以上 basic firewall 之外 , 還有什麼要加 ? 請指教 !! thanks !!! [b]回復 [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=37767&ptid=5166]3#[/url] [i]carw318[/i] [/b]
你买了什么RB呢? RB2011UiAS-2HnD :) routeros x86
頁:
[1]