Community discussions

MikroTik App
  4. RouterOS
  5. General

CCR1072 doesn't ping  [SOLVED]

Post Reply
 
User avatar
victorsoares
Member Candidate
Member Candidate
Topic Author
Posts: 106
Joined: Thu Feb 15, 2018 6:29 pm
Location: Ubatuba, São Paulo - Brazil
Contact:
Contact victorsoares

CCR1072 doesn't ping

Wed Jul 25, 2018 4:23 pm

Hi everyone.

Something strage happened this morning with my CCR1072-1G-8S+ running RoS 6.37.4. No changes were made in anyway, and everything seems to work fine as usual, but I can't ping any IP unless I use ARP ping. I tried disabling my firewall rules and changing my DNS but had no success.

Has anyone had that problem? What do you guys suggest me to try?

Thanks again for the help!

Here are my firewall rules, but as I said before, I already tried disabling them.
Code: Select all
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=forward action=accept protocol=tcp log=no log-prefix="" 

 1    chain=forward action=accept protocol=udp log=no log-prefix="" 

 2    chain=forward action=accept protocol=udp dst-port=53 log=no log-prefix="" 

 3    chain=forward action=accept tcp-flags="" protocol=tcp src-port=53 log=no 
      log-prefix="" 

 4    chain=output action=accept protocol=tcp dst-address-list=gmail dst-port=58>
      log=no log-prefix="" 

 5    chain=forward action=accept src-address=1.2.3.4 log=no log-prefix="" 

 6    chain=forward action=accept protocol=tcp src-address=2.3.4.5 log=no 
      log-prefix="" 

 7    chain=forward action=accept protocol=tcp dst-address=2.3.4.5 log=no 
      log-prefix="" 

 8    chain=forward action=accept connection-mark=toninhas1 log=no log-prefix="" 

 9    chain=forward action=accept connection-mark=toninhas2 log=no log-prefix="" 

10 XI  ;;; DROP-DNS_Hijacking
      chain=forward action=drop connection-mark=dns-hijaking log=no 
      log-prefix=""
Top
 
Sob
Forum Guru
Forum Guru
Posts: 9188
Joined: Mon Apr 20, 2009 9:11 pm

Re: CCR1072 doesn't ping

Wed Jul 25, 2018 7:01 pm

Unless there are some other options not visible here (it's better to use export command, it shows everything), it must be the most useless firewall I've ever seen. There's no need to disable any rules for testing, because your current firewall already doesn't block anything. It basically does nothing, in a creative way, e.g. rules #0 and #1 accept all tcp and udp traffic, so all following rules with tcp and udp won't get any hits. And even if they did, they would still not be useful, because action=accept is default, so anything not matched be previous rules is accepted anyway at the end. And you have rules only for forward, so any connection to router itself is allowed. For your sake, I hope this device doesn't have public address, or you don't have any remote management enabled (except ssh), because RouterOS 6.37.4 has this nice ability (bug) to tell logins and passwords to anyone who asks.

Edit: Forget the condition in first sentence, if would be useless even with other options. But it's good idea to use export instead of print.
Top
 
User avatar
victorsoares
Member Candidate
Member Candidate
Topic Author
Posts: 106
Joined: Thu Feb 15, 2018 6:29 pm
Location: Ubatuba, São Paulo - Brazil
Contact:
Contact victorsoares

Re: CCR1072 doesn't ping  [SOLVED]

Thu Jul 26, 2018 2:51 pm

Well, anyway. Problem solved by scheduling a reboot during the night. Everything working fine now. Thanks again.
Top
Post Reply

Who is online

Users browsing this forum: garyjduk, romrider, seriosha and 32 guests
  4. RouterOS
  5. General