MikroTik

Posted: **Thu Apr 19, 2012 4:32 pm**

I need to add few rules to my ip firewall whtch contain: first ip address from wlan1.

example:
need to do dst-nat for one of the ip

add action=dst-nat chain=dstnat disabled=no dst-address=172.16.190.10 dst-port=\
!8291 protocol=tcp to-addresses=192.168.1.50
add action=dst-nat chain=dstnat disabled=no dst-address=172.16.190.10 dst-port=\
!8291 protocol=udp to-addresses=192.168.1.50

[admin@MikroTik] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 192.168.100.252/24 192.168.100.0 ether1
1 172.16.190.10/24 172.16.190.0 wlan1

ip address get value-name=address number=1
#no answer

Posted: **Thu Apr 19, 2012 5:56 pm**

I need to add rule whitch contains that ip address from wlan1 in "first-config" for CPE.

huh?

Posted: **Thu Apr 19, 2012 6:51 pm**

huh?[/quote]

I edited the post. My problem was quite simple.

The solution:
:put [/ip address get value-name=address number=0]

But there is next problem:
Is it possible to add a rule with other type of ip address declaration?
(when I change an ip, the rule will be also changed?)

Posted: **Thu Apr 19, 2012 6:57 pm**

You could use the in-interface option instead.

Posted: **Thu Apr 19, 2012 9:02 pm**

 ip firewall nat set to-addresses=[/ip address get value-name=address number=0] [/ip firewall nat find comment=redirect]

MikroTik

Firewall Rules in backup

Firewall Rules in backup

Re: Firewall Rules in backup

Re: Firewall Rules in backup

Firewall Rules in backup

Re: Firewall Rules in backup