Community discussions

MikroTik App
  4. RouterOS
  5. General

block all traffic except http for a vlan

Post Reply
 
reza.mnp
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 90
Joined: Mon Jun 11, 2007 9:44 am
Location: ilam - iran
Contact:
Contact reza.mnp

block all traffic except http for a vlan

Fri Oct 22, 2010 11:28 pm

how can block all traffic except http and https for a vlan by using MT->firewall->filter

thanks alot
Top
 
Feklar
Forum Guru
Forum Guru
Posts: 1724
Joined: Tue Dec 01, 2009 11:46 pm

Re: block all traffic except http for a vlan

Fri Oct 22, 2010 11:36 pm

Specify the in port in the firewall matcher to VLANXXX with the appropriate drop and accept rules.

This is assuming that you have VLANs set up right on the MikroTik and network.
Top
 
reza.mnp
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 90
Joined: Mon Jun 11, 2007 9:44 am
Location: ilam - iran
Contact:
Contact reza.mnp

Re: block all traffic except http for a vlan

Sat Oct 23, 2010 9:45 pm

Real example for vlan x ?
Top
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: block all traffic except http for a vlan

Sat Oct 23, 2010 10:23 pm

Simplest form:
Code: Select all
/ip firewall filter
add chain=forward in-interface=vlanX protocol=tcp dst-port=80 action=accept
add chain=forward in-interface=vlanX action=drop
Of cord that won't be sufficient. You probably need HTTPS, and DNS. Add rules for those ports/protocols. See the wiki for the manual and examples.
Top
Post Reply
  4. RouterOS
  5. General