Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /ip firewall filter> print
- Flags: X - disabled, I - invalid, D - dynamic
- 0 D ;;; special dummy rule to show fasttrack counters
- chain=forward action=passthrough
- 1 ;;; defconf: fasttrack
- chain=forward action=fasttrack-connection connection-state=established,related log=no log-prefix=""
- 2 X ;;; defconf: drop invalid
- chain=forward action=drop connection-state=invalid log=no log-prefix=""
- 3 X ;;; defconf: drop all from WAN not DSTNATed
- chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface=ether1 log=no
- log-prefix=""
- 4 X chain=forward action=accept in-interface=all-ppp log=no log-prefix=""
- 5 X ;;; WEBSERVER ????
- chain=forward action=accept protocol=tcp in-interface=pppoe-out1 dst-port=80 log=no log-prefix=""
- 6 X chain=input action=accept protocol=icmp log=no log-prefix=""
- 7 X chain=input action=accept connection-state=established log=no log-prefix=""
- 8 X chain=input action=accept connection-state=related log=no log-prefix=""
- 9 chain=input action=drop protocol=tcp in-interface=ether1 dst-port=53 log=no log-prefix=""
- 10 chain=input action=drop protocol=udp in-interface=ether1 dst-port=53 log=no log-prefix=" "
- 11 chain=input action=drop in-interface=ether1
- 12 ;;; defconf: accept established,related
- chain=forward action=accept connection-state=established,related log=no log-prefix=""
- 13 ;;; Drop Another INPUT
- chain=input action=drop
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement