[MikroTik] > /ip firewall filter print
Flags: X - disabled, I - invalid; D - dynamic
0 ;;; jump to kid-control rules
chain=forward action=jump jump-target=kid-control 1 X chain=forward action=accept src-address=192.168.45.25
2 chain=forward action=accept src-address=192.168.45.10
3 chain=forward action=accept protocol=gre src-address=192.168.45.10
4 chain=input action=add-src-to-address-list connection-state=new
protocol=tcp src-address-list=!managers address-list=CRACKERS
address-list-timeout=none-static in-interface=WAN dst-port=21,22,23,8291
5 chain=input action=reject reject-with=icmp-host-unreachable
src-address-list=CRACKERS
6 ;;; established&related
chain=input action=accept connection-state=established,related
8 ;;; invalid connections
chain=input action=drop connection-state=invalid
9 chain=forward action=drop connection-state=invalid
10 ;;; For local configuration in accidents
chain=input action=accept in-interface=ether2
11 ;;; pings
chain=input action=accept protocol=icmp in-interface=!WAN
12 ;;; DNS requests from LAN to me
chain=input action=accept connection-state=new protocol=udp
in-interface=br0 dst-port=53
13 chain=input action=accept connection-state=new protocol=tcp
in-interface=br0 dst-port=53
14 ;;; DNS requests from LAN to WAN
chain=forward action=accept connection-state=new protocol=udp
in-interface=br0 out-interface=WAN dst-port=53
15 chain=forward action=accept connection-state=new protocol=tcp
in-interface=br0 out-interface=WAN dst-port=53
[skip...]
Вариант для распечатки
