hello, i have made a web server and in Nat Firewall i have redirect ip client to this ip web server, but what is the different of the Protocol..for example what happen when i chose
1(icmp),2 igmp,6(tcp),17 udp etc..etc, dont forget something, im wanna redirect this client, and stop the internet working, No MSN , No Web Browser, Notething..
Thank YOU
Re: Ip Firewall
Greetings from Miramar Beach, Florida!
Port 80 tcp is the port/protocol to stop/redirect for internet access. And port 25 tcp if you want to stop outbound email (spammers).
Port 80 tcp is the port/protocol to stop/redirect for internet access. And port 25 tcp if you want to stop outbound email (spammers).
-
-
alternativi
Frequent Visitor
- Posts: 79
- Joined:
Re: Ip Firewall
ok man i understand you, but i mean in ip firewall i have selected Protocol 6 (tcp), and in Action the port is 0-65535
so what is different of tcp, icmp, udp..
so what is different of tcp, icmp, udp..
Re: Ip Firewall
I don't understand what you are wanting to do. If you want to redirect a customer's web requests to another host, you can do (for example):hello, i have made a web server and in Nat Firewall i have redirect ip client to this ip web server, but what is the different of the Protocol..for example what happen when i chose
1(icmp),2 igmp,6(tcp),17 udp etc..etc, dont forget something, im wanna redirect this client, and stop the internet working, No MSN , No Web Browser, Notething..
Code: Select all
/ip firewall nat
add chain=dstnat src-address=x.x.x.x protocol=tcp dst-port=80 action=dst-nat to-addresses=y.y.y.y to-ports=80If you are looking for a tutorial on how to do firewall, then I'd recommend attending a training class that covers firewalling (such as mine for example). Perhaps you can look at something like http://www.learntcpip.com/ for further understanding of what tcp vs udp vs icmp and so forth are all about. Perhaps I'm just not understanding your question.
-
-
alternativi
Frequent Visitor
- Posts: 79
- Joined:
Re: Ip Firewall
it helped to me.. thank you verymuch
-
-
yudigadget
Frequent Visitor
- Posts: 60
- Joined:
Re: Ip Firewall
Code: Select all
/ip firewall nat
add chain=dstnat src-address=x.x.x.x protocol=tcp dst-port=80 action=dst-nat to-addresses=y.y.y.y to-ports=80[admin@MikroTik] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat src-address=172.16.100.199 protocol=tcp dst-port=80 action=dst-nat
to-addresses=172.16.100.202 to-ports=80
I can open the website from the PC with IP address 172.16.100.199, but when i open google, it just got "The connection has timed out", so not redirect to 172.16.100.202
Re: Ip Firewall
Ok, this is a different reason and setup. Mikrotik (and any linux router for that matter) cannot do a dst-nat where a packet enters and leaves on the same interface. You will need to set up a web server that exists on another interface on the router.I test your advice, but why doesn't work:Code: Select all/ip firewall nat add chain=dstnat src-address=x.x.x.x protocol=tcp dst-port=80 action=dst-nat to-addresses=y.y.y.y to-ports=80
[admin@MikroTik] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat src-address=172.16.100.199 protocol=tcp dst-port=80 action=dst-nat
to-addresses=172.16.100.202 to-ports=80
I can open the website from the PC with IP address 172.16.100.199, but when i open google, it just got "The connection has timed out", so not redirect to 172.16.100.202
Re: Ip Firewall
Someting like should help.
Code: Select all
add chain=srcnat action=src-nat src-address=172.16.100.0/24 dst-address=172.16.100.202 protocol=tcp to-addresses=gateway.ip to-ports=0-65535
-
-
alternativi
Frequent Visitor
- Posts: 79
- Joined:
Re: Ip Firewall
my friend i have set up a Web server Linux..and i have a real Ip addres and i have redirect to me it works well...