MikroTik

Not great with firewall rules so almost certainly my fault!

I've got a neighbor sharing my connection but I don't want them to be able to reach my internal 192.168.x.x network. Their router IP is a public IP.

My attempt;
Chain: Forward
Dst Address: 192.168.0.0/16
In Interface: pppoe-interface
action: drop

However he is still able to access this internal network so not sure what I have done wrong.

Thanks!

Hi,
please print out your configuration , maybe before your rule there is a rule which accepting packets

Thanks for the reply.

I forgot to update previously. Something weird was going on with the router. The rule started to work after arestart. I'm guessing you shouldn't need to do this?

Dan.

After changing any NAT/Filter/Mangle/it's better to restart the router , actually set connection tracking off/on will work too

Beware of loosing connection to the device when switching the connection tracking off. In some situations it could be very dangerous. Removing all connections is much safer, because you can initiate a new if necessary but you cannot switch connection tracking on again when you have no access...