Mikrotik routerek - Mobilarena Hozzászólások

Hirdetés

Legfrissebb anyagok

Mobilarena témák

PROHARDVER! témák

IT café témák

GAMEPOD témák

LOGOUT témák

Hirdetés

100 000 érv a ReGalaxy mellett: Vásárolj Galaxy Z Fold7 I Z Flip7 vagy Galaxy S25 szériás készüléket, és régi mobilod felújítását 100 000 Ft-ig mi álljuk!

Téma összefoglaló

Utoljára frissítve: 2025-08-03 17:27

Mobilarena

Mikrotik routerekkel foglalkozó téma. Mikrotik router típusok, hardverek, router beállítások, programozás (scriptek írása), frissítés, és minden Mikrotik routerrel kapcsolatos beszélgetés helye.

Új hozzászólás Aktív témák

#12615 Core2duo6600 veterán

Új Válasz 2021-01-13 10:37:54 #12615
Új hozzászólás
Összes hozzászólása itt Válaszok az összes hozzászólására itt Válaszok erre a hozzászólásra
Privát üzenet küldése

Core2duo6600

veterán

Hello,
A tűzfalszabályok:
[admin@MikroTik] /ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 X ;;; Kicus laptop
chain=forward action=drop src-address=192.168.2.29 in-interface=bridge-Wifi out-interface=ether10 log=no log-prefix=""
1 X chain=forward action=drop dst-address=192.168.2.29 in-interface=ether10 out-interface=bridge-Wifi log=no log-prefix=""
2 X ;;; Kicus telo net tiltas
chain=forward action=drop src-address=192.168.2.14 in-interface=bridge-Wifi out-interface=ether10 log=no log-prefix=""
3 X chain=forward action=drop dst-address=192.168.2.14 in-interface=ether10 out-interface=bridge-Wifi log=no log-prefix=""
4 X ;;; Block Youtube - Apu laptop
chain=forward action=drop layer7-protocol=Block Youtube src-address=192.168.2.29 in-interface=bridge-Wifi log=no log-prefix=""
5 X ;;; Block Wifi - Anyu
chain=forward action=drop src-address=192.168.2.22 in-interface=bridge-Wifi log=no log-prefix=""
6 X ;;; Block Youtube Wifi
chain=forward action=drop layer7-protocol=Block Youtube in-interface=bridge-Wifi log=no log-prefix=""
7 ;;; Drop SMTP KI 25
chain=forward action=drop protocol=tcp in-interface=bridge-LAN dst-port=25 log=no log-prefix=""
8 ;;; Drop SMTP KI 25
chain=forward action=drop protocol=tcp in-interface=bridge-Wifi dst-port=25 log=no log-prefix=""
9 chain=forward action=accept connection-state="" in-interface=bridge-LAN out-interface=Digi-PPPOE log=no log-prefix=""
10 chain=input action=accept in-interface=bridge-LAN log=no log-prefix=""
11 chain=input action=accept connection-state=established,related in-interface=Digi-PPPOE log=no log-prefix=""
12 ;;; Wifi > nas2
chain=forward action=accept dst-address=192.168.1.5 in-interface=bridge-Wifi out-interface=bridge-LAN log=no log-prefix=""
13 ;;; Wifi > nas3
chain=forward action=accept dst-address=192.168.1.7 in-interface=bridge-Wifi out-interface=bridge-LAN log=no log-prefix=""
14 ;;; Wifi > NAS
chain=forward action=accept dst-address=192.168.1.4 in-interface=bridge-Wifi out-interface=bridge-LAN log=no log-prefix=""
15 ;;; Wifi > Atom
chain=forward action=accept dst-address=192.168.1.6 in-interface=bridge-Wifi out-interface=bridge-LAN log=no log-prefix=""
16 ;;; Wifi > i7 860
chain=forward action=accept dst-address=192.168.1.33 in-interface=bridge-Wifi out-interface=bridge-LAN log=no log-prefix=""
17 ;;; NAS2 > Wifi
chain=forward action=accept src-address=192.168.1.5 in-interface=bridge-LAN out-interface=bridge-Wifi log=no log-prefix=""
18 ;;; NAS3 > Wifi
chain=forward action=accept src-address=192.168.1.7 in-interface=bridge-LAN out-interface=bridge-Wifi log=no log-prefix=""
19 ;;; NAS > Wifi
chain=forward action=accept src-address=192.168.1.4 in-interface=bridge-LAN out-interface=bridge-Wifi log=no log-prefix=""
20 ;;; Atom > Wifi
chain=forward action=accept src-address=192.168.1.6 in-interface=bridge-LAN out-interface=bridge-Wifi log=no log-prefix=""
21 ;;; i7 860 > Wifi
chain=forward action=accept src-address=192.168.1.33 in-interface=bridge-LAN out-interface=bridge-Wifi log=no log-prefix="860 2 wifi"
22 ;;; Wifi DNS REQ
chain=input action=accept protocol=udp in-interface=bridge-Wifi dst-port=53 log=no log-prefix=""
23 ;;; Wifi -> NET
chain=forward action=accept protocol=tcp in-interface=bridge-Wifi out-interface=Digi-PPPOE dst-port=80,443,8080,993,587,465,8886 log=no log-prefix=""
24 ;;; Wifi -> Kozti VPN
chain=forward action=accept protocol=tcp dst-address=89.135.52.121 in-interface=bridge-Wifi out-interface=Digi-PPPOE dst-port="" log=no log-prefix="kozti"
25 ;;; Wifi -> NET Minden egy b tilt s
chain=forward action=drop in-interface=bridge-Wifi out-interface=Digi-PPPOE log=no log-prefix="wifi egyeb"
26 ;;; Drop DNS From DIGI
chain=input action=drop protocol=tcp in-interface=Digi-PPPOE dst-port=53 log=no log-prefix=""
27 ;;; Drop DNS From DIGI
chain=input action=drop protocol=udp in-interface=Digi-PPPOE dst-port=53 log=no log-prefix=""
28 ;;; Wifi -> nyomtat
chain=forward action=accept dst-address=192.168.1.2 in-interface=bridge-Wifi out-interface=bridge-LAN log=no log-prefix=""
29 ;;; Nyomtat -> Wifi
chain=forward action=accept src-address=192.168.1.2 in-interface=bridge-LAN out-interface=bridge-Wifi log=no log-prefix=""
30 ;;; Wifi -> NET ping
chain=forward action=accept protocol=icmp in-interface=bridge-Wifi out-interface=Digi-PPPOE log=no log-prefix=""
31 ;;; Wifi in - Winbox
chain=input action=accept protocol=tcp in-interface=bridge-Wifi dst-port=8291 log=no log-prefix=""
32 ;;; Wifi in - NTP
chain=input action=accept protocol=udp in-interface=bridge-Wifi dst-port=123 log=no log-prefix=""
33 ;;; Wifi in drop
chain=input action=drop in-interface=bridge-Wifi log=no log-prefix="Wifi input drop"
34 ;;; Drop invalid from LAN
chain=forward action=drop connection-state=invalid connection-type="" in-interface=bridge-LAN log=no log-prefix="invalid"
35 X ;;; L2TP Allow
chain=input action=accept protocol=udp dst-port=1701,500,4500 log=yes log-prefix="L2TP"
36 X chain=input action=accept protocol=ipsec-esp log=no log-prefix=""
37 X chain=forward action=accept src-address=10.10.3.0/24 log=no log-prefix=""
38 X chain=input action=accept src-address=10.10.3.0/24 log=no log-prefix=""
39 ;;; Allow SSTP
chain=input action=accept protocol=tcp dst-port=443 log=no log-prefix=""
40 chain=forward action=accept src-address=10.10.2.0/24 log=no log-prefix=""
41 chain=input action=accept src-address=10.10.2.0/24 log=no log-prefix=""
42 ;;; Drop Digi
chain=input action=drop in-interface=Digi-PPPOE log=no log-prefix="dorp digi"
43 ;;; Wifi -> Lan drop
chain=forward action=drop in-interface=bridge-Wifi out-interface=bridge-LAN log=no log-prefix="wifi -lan "
44 ;;; LAN -> Wifi drop
chain=forward action=drop in-interface=bridge-LAN out-interface=bridge-Wifi log=no log-prefix="lan wifi"
45 ;;; Drop All
chain=input action=drop log=no log-prefix="Drop All"
NAT :
[admin@MikroTik] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; LAN
chain=srcnat action=masquerade src-address=192.168.1.0/24 out-interface=Digi-PPPOE log=no log-prefix=""
1 ;;; Wifi
chain=srcnat action=masquerade src-address=192.168.2.0/24 out-interface=Digi-PPPOE log=no log-prefix=""
2 ;;; SSTP
chain=srcnat action=masquerade src-address=10.10.2.0/24 out-interface=Digi-PPPOE log=no log-prefix=""
3 ;;; L2TP
chain=srcnat action=masquerade src-address=10.10.3.0/24 out-interface=Digi-PPPOE log=no log-prefix=""
4 X ;;; Discord > S8
chain=dstnat action=dst-nat to-addresses=192.168.2.17 to-ports=50000-65535 protocol=udp in-interface=Digi-PPPOE dst-port=50000-65535 log=no log-prefix=""

A kérdésem, miért nem érem a 192.168.2.25 ös laptopról a 192.168.33 as gépet a lan hálózaton.
A szabályokat a Atom nevű szabály másolásával hoztam létre, csak az ip címet módosítottam, ill. a kommentet.
A 192.168.1.6 os címen lévő atom nevű gépet elérem, mint ahogy a nas okat is.
Igaz ezeknek fix ip címe van.