Port-forwarding in RouterOS
Рет қаралды 15,033
5 ай бұрын#mikrotik #routeros #networking #portforwarding
@supra107 4 ай бұрын
You can additionally limit the port forward to WAN in interface list, and if you have a dynamic IP you can make a simple script to pull your current public IP, as it'll be available somewhere in ROS, and save it/update it to an address list with a single entry. After that you set the Dst. address list to that list and now it's a pretty tight port forward rule. The only thing I need to figure out is how to probe local addresses to see if there's a service behind a port, so that the port forward rules can be dynamically turned on and off depending on the client status. Something like UPnP, but assigned manually, therefore safer.
@supra107 4 ай бұрын
Well I found a good solution for that problem. Netwatch can do TCP port testing, and it can be used to dynamically turn port forwarding rules on and off. The only caveat is that it can only respond to TCP requests, so it can be used to toggle UDP access only if TCP is also used by the service.
@P0ziii 4 ай бұрын
Yes i am also curious because i plan to use Failover on 3 WAN interfaces and for this i need dynamic port forwarding rule.
@supra107 4 ай бұрын
@@P0ziii The dynamic address list trick seems to be the best. If you can get a script to fire depending on which WAN interface is up or down, you can have it pull your current public IP, update the address list with it, and the rest will click together. Scripting in ROS is it's biggest advantage. It needs a bit of learning but afterwards it becomes one of the most powerful tools at your disposal.
@AndyChernov 5 ай бұрын
But input chain goes AFTER dst-nat in packet flow diagram. Why do you add accept rule in input?
@mikrotik 5 ай бұрын
We fixed it, blame cupid
@tcsoft 5 ай бұрын
Why not just "Dst. Address List: WAN" instead of "Dst. Address"?
@erazelyou 5 ай бұрын
Doesn't DSTNAT before the Filter? Why use input not forward? After dstnat, the packet will have dst IP address of the host behind mikrotik, so it is a forward chain
@mikrotik 5 ай бұрын
You are right, we fixed it
@momensobhy2929 5 ай бұрын
Thank you for this awsome tutorial but i really need how to NTH load balance in routerOS v7 i treid so many times always somthing wrong please provide anything tell us how it works... thank you
@m-electronics5977 2 ай бұрын
How you make that the winbox look so clear on Linux?
@mikrotik 2 ай бұрын
Winbox let's you zoom in. If that doesn't help, you might have to look into wine settings, i.e. what font it uses.
@m-electronics5977 2 ай бұрын
@@mikrotik I looked in there sometimes but I can't find something😫
@m-electronics5977 2 ай бұрын
@@mikrotik But I find it good that you are using Linux😁
@KenKenay 5 ай бұрын
easy
Category5 Technology TV with Robbie Ferguson
Рет қаралды 56 М.
💀Skeleton Ninja🥷【にんげんっていいなチャンネル】
Рет қаралды 6 МЛН
Dave's Garage
Рет қаралды 554 М.
Immersed
Рет қаралды 119 МЛН
Brother-live_mob
Рет қаралды 1 МЛН