Skip to content

Instantly share code, notes, and snippets.

@arysandi

arysandi/gist:8b505bddd9e925828458785fe96cf9b7

Created September 26, 2018 11:56
Show Gist options
  • Save arysandi/8b505bddd9e925828458785fe96cf9b7 to your computer and use it in GitHub Desktop.
Save arysandi/8b505bddd9e925828458785fe96cf9b7 to your computer and use it in GitHub Desktop.
Download ZIP
firewall mikrotik default
Raw
gistfile1.txt
ganti “SUMBER INTERNET” dengan nama interface sumber internet di mikrotik *
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept ICMP" dst-port=8291 protocol=tcp
add action=accept chain=input comment="defconf: accept ICMP" dst-port=8291 protocol=udp
add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" in-interface="SUMBER INTERNET"
add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface="SUMBER INTERNET"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment