Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [admin@MikroTik] > ip firewall filter print
- Flags: X - disabled, I - invalid, D - dynamic
- 0 D ;;; special dummy rule to show fasttrack counters
- chain=forward action=passthrough
- 1 ;;; defconf: accept established,related, untracked
- chain=forward action=accept connection-state=established,related,untracked
- 2 ;;; XZ
- chain=forward action=accept log=no log-prefix=""
- 3 ;;; defconf: accept established,related,untracked
- chain=input action=accept connection-state=established,related,untracked
- 4 ;;; defconf: drop invalid
- chain=input action=drop connection-state=invalid dst-address=11.11.11.11 log=no log-prefix=""
- 5 ;;; defconf: accept ICMP
- chain=input action=accept protocol=icmp
- 6 ;;; defconf: accept to local loopback (for CAPsMAN)
- chain=input action=accept dst-address=127.0.0.1
- 7 ;;; defconf: drop all not coming from LAN
- chain=input action=drop dst-address=11.11.11.11 in-interface-list=!LAN log=no log-prefix=""
- 8 ;;; defconf: accept in ipsec policy
- chain=forward action=accept ipsec-policy=in,ipsec
- 9 ;;; defconf: accept out ipsec policy
- chain=forward action=accept ipsec-policy=out,ipsec
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement