/ip firewall filter
add chain=input protocol=icmp action=accept comment=”Allow Ping”
add chain=forward protocol=icmp action=accept
add chain=input connection-state=established action=accept comment=”Accept established connections”
add chain=forward connection-state=established action=accept
add chain=input connection-state=related action=accept comment=”Accept related connections”
add chain=forward connection-state=related action=accept
add chain=input connection-state=invalid action=drop comment=”Drop invalid connections”
add chain=forward connection-state=invalid action=drop
add chain=input protocol=udp action=accept comment=”Allow UDP”
add chain=forward protocol=udp action=accept
add chain=forward src-address=192.168.88.0/24 action=accept comment=”Access to Internet from local network”
add chain=input src-address=192.168.88.0/24 action=accept comment=”Access to Mikrotik only from our local network”
add chain=input action=drop comment=”All other drop”
add chain=forward action=dropThank you for your answer.Code: Select all/ip firewall filter add chain=input protocol=icmp action=accept comment=”Allow Ping” add chain=forward protocol=icmp action=accept add chain=input connection-state=established action=accept comment=”Accept established connections” add chain=forward connection-state=established action=accept add chain=input connection-state=related action=accept comment=”Accept related connections” add chain=forward connection-state=related action=accept add chain=input connection-state=invalid action=drop comment=”Drop invalid connections” add chain=forward connection-state=invalid action=drop add chain=input protocol=udp action=accept comment=”Allow UDP” add chain=forward protocol=udp action=accept add chain=forward src-address=192.168.88.0/24 action=accept comment=”Access to Internet from local network” add chain=input src-address=192.168.88.0/24 action=accept comment=”Access to Mikrotik only from our local network” add chain=input action=drop comment=”All other drop” add chain=forward action=drop
udp 53 is open because of:I put in all the rules but now not only port 80 is open (tcp). Now even port 53 (udp) is open
add chain=input protocol=udp action=accept comment=”Allow UDP”Yes I disabled it. But port 80 is still open. What service is still running?udp 53 is open because of:I put in all the rules but now not only port 80 is open (tcp). Now even port 53 (udp) is openDisable it if you need.Code: Select alladd chain=input protocol=udp action=accept comment=”Allow UDP”
You should consider disabling the www service for your wan port under IP -> Services:
/ip service
set www address=192.168.88.0/24
or even disable it completely:
/ip service
set www disabled=yes
already followed:subseven, port 80 takes "www" service.
It has to be closed if you followed this post:You should consider disabling the www service for your wan port under IP -> Services:
/ip service
set www address=192.168.88.0/24
or even disable it completely:
/ip service
set www disabled=yes
