Filter Rule pada Mikrotik

Angga Fajar Kusuma

13 Jan 202110:08

Summary

TLDRThis video explains how to configure filter rules in MikroTik routers using the Winbox interface. It covers essential elements such as traffic types (Input, Output, Forward), source and destination addresses, and protocols. The tutorial details step-by-step procedures for setting up rules, configuring advanced options like address lists and Layer 7 protocols, and applying time-based filters. Additionally, the video explains how to set actions for filtering, such as Accept, Drop, Reject, and Log. This guide is ideal for users looking to control data flow and enhance network security using MikroTik routers.

Takeaways

😀 Filter rules in MikroTik allow you to control which data packets can enter or exit the router.
😀 Winbox is the primary software used to access and configure MikroTik routers for firewall settings.
😀 The main categories of firewall rules are Input, Output, and Forward, which manage different types of traffic.
😀 The 'Forward' rule is used for handling data passing through the router, such as traffic between a client and the internet.
😀 'Input' rules manage incoming traffic to the router, targeting specific IP addresses on the router's interfaces.
😀 'Output' rules deal with outgoing traffic from the router to the internet or local network.
😀 Address lists can be created to group multiple IPs or domains for easier rule configuration and management.
😀 Layer 7 protocol filtering allows more specific control, such as blocking particular websites like Google or Facebook.
😀 Time-based rules can be set up to apply filters only during specific hours or days, such as blocking YouTube during office hours.
😀 Action types in filter rules include 'Accept', 'Drop', 'Reject', 'Log', and 'Skip', each determining how packets are handled.
😀 Logging packets with the 'Log' action helps monitor and troubleshoot traffic filtering on the router.

Q & A

What is the purpose of filter rules in MikroTik?
-Filter rules in MikroTik are used to determine whether a data packet can enter or exit the router based on various parameters such as source/destination IP, protocol, interface, and time-based conditions.
How can filter rules be accessed in MikroTik's Winbox?
-Filter rules can be accessed in Winbox by navigating to the 'Help' menu and selecting 'Schedule'. From there, you can configure the filter rules as needed.
What are the three key stages of packet processing in MikroTik filter rules?
-The three key stages of packet processing in MikroTik filter rules are 'Input' (processing packets entering the router), 'Output' (processing packets leaving the router), and 'Forward' (processing packets passing through the router between interfaces).
What is the difference between the 'Input' and 'Output' stages in MikroTik's filter rules?
-The 'Input' stage is for processing packets that are entering the router, whereas the 'Output' stage is for processing packets that are leaving the router.
What is the role of the 'Forward' stage in MikroTik's filter rules?
-The 'Forward' stage handles packets that are passing through the router, typically between different network interfaces, such as from a client to the internet or vice versa.
What are the main parameters used in MikroTik filter rules?
-The main parameters include 'src-address' (source IP address), 'dst-address' (destination IP address), 'Protocol' (TCP, UDP, etc.), 'Port Number', 'In-interface' (interface where packet enters), and 'Out-interface' (interface where packet exits).
How can you group multiple IP addresses for easier filter rule management in MikroTik?
-Multiple IP addresses can be grouped into 'Address Lists' in MikroTik. This allows you to apply filter rules to the entire group instead of configuring each IP individually.
What is the purpose of Layer 7 protocols in MikroTik filter rules?
-Layer 7 protocols allow filtering based on application-layer data, such as HTTP, FTP, etc., enabling more specific control over the traffic, for example, blocking access to certain websites like google.com.
How can you block a website using MikroTik filter rules?
-To block a website, you can create a filter rule where the 'Content' matches the domain name (e.g., 'google.com') or use Layer 7 protocols to identify and block the corresponding traffic.
Can filter rules in MikroTik be time-based, and how is this set up?
-Yes, filter rules can be time-based. You can configure a filter rule to be active only during specific hours or days of the week, such as blocking access to YouTube during work hours (e.g., 9 AM to 5 PM).
What are the different actions that can be applied to packets in MikroTik's filter rules?
-The available actions include 'Accept' (allow the packet), 'Drop' (discard the packet), 'Reject' (discard the packet and send a rejection message), 'Log' (log the packet for monitoring), and other actions like redirecting or ignoring the rule.
What is the purpose of the 'Log' action in MikroTik's filter rules?
-The 'Log' action is used to record information about packets that match a filter rule. This can help in troubleshooting or monitoring traffic to ensure proper filter rule operation.