Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ip firewall export
- # feb/19/2017 22:23:24 by RouterOS 6.38.1
- # software id = 4YN5-2WQK
- #
- /ip firewall filter
- add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
- add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related
- add action=drop chain=input comment="defconf: drop all from WAN" in-interface=ether1
- add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
- add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
- add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
- add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=ether1
- /ip firewall nat
- add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=ether1
- add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=bridge
- add action=dst-nat chain=dstnat disabled=yes dst-port=9090 protocol=tcp to-addresses=1.1.1.1 to-ports=9090
- add action=dst-nat chain=dstnat comment="Endurance WEB" dst-address=тут_был_адрес dst-port=80 in-interface=ether1 protocol=tcp to-addresses=192.168.0.113 \
- to-ports=80
- add action=dst-nat chain=dstnat comment="Endurance WEB-SSL" dst-address=тут_был_адрес dst-port=443 in-interface=ether1 protocol=tcp to-addresses=\
- 192.168.0.113 to-ports=443
- add action=dst-nat chain=dstnat comment=Factorio dst-address=тут_был_адрес dst-port=34197 in-interface=ether1 protocol=udp to-addresses=192.168.0.113 \
- to-ports=34197
- add action=netmap chain=dstnat comment="University Debian" disabled=yes dst-address=тут_был_адрес dst-port=22101 in-interface=ether1 protocol=tcp \
- to-addresses=192.168.0.17 to-ports=22
- add action=dst-nat chain=dstnat dst-address=тут_был_адрес dst-port=80 protocol=tcp src-address=192.168.0.0/24 to-addresses=192.168.0.113
- add action=dst-nat chain=dstnat dst-address=тут_был_адрес dst-port=22101 protocol=tcp to-addresses=192.168.0.17 to-ports=22
- add action=dst-nat chain=dstnat dst-address=тут_был_адрес dst-port=443 protocol=tcp src-address=192.168.0.0/24 to-addresses=192.168.0.113
- add action=masquerade chain=srcnat dst-address=192.168.0.113 dst-port=80 protocol=tcp src-address=192.168.0.0/24 to-addresses=192.168.0.113
- add action=accept chain=srcnat src-address=192.168.1.0/24
Advertisement
Add Comment
Please, Sign In to add comment
