mikrotik firewall filter
TRANSCRIPT
www.glcnetworks.com
Firewall filterGLC webinar, 9 february 2017
Achmad [email protected] Networks, Indonesia
www.glcnetworks.com
Agenda
● Introduction● Mikrotik Firewall● Mikrotik Firewall filter● Demo● Q & A
2
www.glcnetworks.com
What is GLC?
● Garda Lintas Cakrawala (www.glcnetworks.com)● An Indonesian company● Located in Bandung● Areas: Training, IT Consulting● Mikrotik Certified Training Partner● Mikrotik Certified Consultant● Mikrotik distributor
3
www.glcnetworks.com
About GLC webinar?
● First webinar: january 1, 2010 (title: tahun baru bersama solaris - new year with solaris OS)
● As a sharing event with various topics: linux, networking, wireless, database, programming, etc
● Regular schedule: every 2 weeks● Irregular schedule: as needed● Checking schedule:
http://www.glcnetworks.com/main/schedule
● You are invited to be a presenter○ No need to be an expert○ This is a forum for sharing: knowledge,
experiences, information
4
www.glcnetworks.com
Trainer Introduction
● Name: Achmad Mardiansyah● Base: bandung, Indonesia● Linux user since 1999● Mikrotik user since 2007● Certified Trainer (MTCNA/RE/WE/UME/INE/TCE)● Mikrotik Certified Consultant● Work: Telco engineer, Sysadmin, PHP programmer,
and Lecturer● Personal website: http://achmadjournal.com● More info:
http://au.linkedin.com/in/achmadmardiansyah
5
www.glcnetworks.com
Please introduce yourself
● Your name● Your company/university?● Your networking experience?● Your mikrotik experience?● Your expectation from this course?
6
www.glcnetworks.com
What is Mikrotik?
● Name of a company● A brand● A program (e.g. mikrotik academy)● Headquarter: Riga, Latvia
7
www.glcnetworks.com
What are mikrotik products?
● Router OS○ The OS. Specialized for networking○ Website: www.mikrotik.com/download
● RouterBoard○ The hardware○ RouterOS installed○ Website: www.routerboard.com
8
www.glcnetworks.com
What Router OS can do?
● Go to www.mikrotik.com○ Download: what_is_routeros.pdf○ Download: product catalog○ Download: newsletter
9
www.glcnetworks.com
What are Mikrotik training & certifications?
10
Certificate validity is 3 years
www.glcnetworks.com
What is Mikrotik firewall?
● Is a feature to○ Control network access (filter)○ Modify network header (NAT)○ Marking packet for further processing (mangle)
● Developed from linux● Consist of 2 parts: matcher & action● Executed sequentially● Netadmin must understand the application’s characteristics in order to build a
matcher (e.g. browsing -> using TCP port 80)
12
www.glcnetworks.com
How firewall works?● Setup matcher -> then action● Mikrotik has lots of options for matcher
-> very flexible● Matcher + Action = Firewall rule● Rule is executed sequentially
13
www.glcnetworks.com 14
Where the packet is processed?A: see packet flowNote: ipsec is removed in this diagram
www.glcnetworks.com 1515
What's the difference between forward and input?
FORWARD
INPUT
www.glcnetworks.com 17
On which chain can you apply filter?
www.glcnetworks.com 18
Common place to block DDOS attack? We use filter table
www.glcnetworks.com
Filter table
Filter table is used to control network access. Which means, we can:
● Accept● Add to address list● Drop● Fasstrack● Jump● Log● Passthrough● Reject● Return● Tarpit
Network traffic
19
www.glcnetworks.com
Example rules
● REJECT incoming ICMP to router/ip firewall filter add chain=input protocol=icmp action=reject
● DROP passing through ICMP traffic on router/ip firewall filter add chain=forward protocol=icmp action=drop
21
www.glcnetworks.com
DROP vs REJECT?
Which one is better?
22
www.glcnetworks.com
Interested?Just come to our training...
Special price for webinar attendees…
http://www.glcnetworks.com/main/schedule
23
www.glcnetworks.com
End of slides
● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback● Like our facebook page: “GLC networks”● Slide: http://www.slideshare.net/r41nbuw ● Recording: https://www.youtube.com/channel/UCI611_IIkQC0rsLWIFIx_yg ● Stay tune with our schedule
24