/ip firewall nat add chain=dstnat in-interface=WAN protocol=tcp dst-port=22 action=dst-nat to-addresses=192.168.247.30 to-ports=22
mikrotik port forwarding
Reply
Category Archives: mikrotik
Leage of Legends filter with mikrotik
Leage of legends filter with mikrotik
[admin@MikroTik] > /ip firewall filter print
Flags: X – disabled, I – invalid, D – dynamic
0 ;;; LoL filter
chain=forward protocol=udp dst-port=5000-5500 action=drop
1 ;;; LoL filter
chain=forward protocol=tcp dst-port=8393-8400 action=drop
2 ;;; LoL filter
chain=forward protocol=tcp dst-port=2099 action=drop
3 ;;; LoL filter
chain=forward protocol=tcp dst-port=5222 action=drop
4 ;;; LoL filter
chain=forward protocol=tcp dst-port=5223 action=drop
[admin@MikroTik] >
change mac address mikrotik how to
много лесно можем да сменим мак адреса на даден интерфейс в микротик
/interface ethernet set WAN mac-address=00:d0:b7:4a:59:fc
mac address filter
няколко пъти ми се налага да правя мак филтър с микротик
/ip firewall filter add chain=forward src-mac-address= XXXXXX client mac action=drop
conficker filtering
добавяме следните правила в микротика:
/ip firewall filter add chain=virus protocol= udp dst-port=135 action=drop comment=”Confiker” disabled=no
/ip firewall filter add chain=virus protocol= udp dst-port=137 action=drop comment=”Confiker” disabled=no
/ip firewall filter add chain=virus protocol= udp dst-port=138 action=drop comment=”Confiker” disabled=no
/ip firewall filter add chain=virus protocol= udp dst-port=445 action=drop comment=”Confiker” disabled=no
/ip firewall filter add chain=virus protocol= tcp dst-port=135 action=drop comment=”Confiker” disabled=no
/ip firewall filter add chain=virus protocol= tcp dst-port=139 action=drop comment=”Confiker” disabled=no
/ip firewall filter add chain=virus protocol= tcp dst-port=5933 action=drop comment=”Confiker” disabled=no
/ip firewall filter add chain=virus protocol= tcp dst-port=445 action=drop comment=”Confiker” disabled=no
/ip firewall filter add chain=virus protocol= tcp dst-port=4691 action=drop comment=”Confiker” disabled=no
dynamic dns update with mikrotik
ето го и скрипта за changeip.com ,който ползвам на един от рутерите -2.9.27
:log info “DDNS: Begin”
:global ddns-user “user”
:global ddns-pass “pass”
:global ddns-host “*2”
:global ddns-interface “int”
:global ddns-ip [ /ip address get [/ip address find interface=$ddns-interface] address ]
:if ([ :typeof $ddns-lastip ] = nil ) do={ :global ddns-lastip 0.0.0.0/0 }
:if ([ :typeof $ddns-ip ] = nil ) do={
:log info (“DDNS: No ip address present on ” . $ddns-interface . “, please check.”)
} else={
:if ($ddns-ip != $ddns-lastip) do={
:log info “DDNS: Sending UPDATE!”
:log info [ /tool dns-update name=$ddns-host address=[:pick $ddns-ip 0 [:find $ddns-ip “/”] ] key-name=$ddns-user key=$ddns-pass ]
:global ddns-lastip $ddns-ip
} else={
:log info “DDNS: No change”
}
}
:log info “DDNS: End”
съответно юзер,пас и интерфейс замествате с вашите