How to debug Mikrotik bridge filter forward rules not having any effect?

Question

As part of diagnosing a different problem were trying to add a bridge filter rule that will stop all traffic from forwarding between two interfaces on a bridge.

The router has two interfaces ether1 and ether2 on a bridge.

we then added a rule with this

/interface bridge filter
add action=drop chain=forward in-interface=ether1

i had expected this to stop all traffic that arrived on ether1 from being forwarded across the bridge and going out ether2. However traffic continues to flow and this rule has no effect.

if prev doesn't help check hardware offload check box - it should be unmarked. — Алексей Норцов, Jul 09 '19 at 15:33

score 1 · Accepted Answer · edited Feb 21 '19 at 12:47

1

Do you have use-ip-firewall set to yes at interface->bridge-> settings ? ( https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_Settings )

edited Feb 21 '19 at 12:47

Arthur Ulfeldt

3,249
9
33
40

answered Feb 18 '19 at 22:43

Sandor Marton

1,564
9
12

I don't think that is required for rules applied at the bridge filter. Maybe you should try disabling hardware offloading of the bridge ports. – LatinSuD Feb 15 '22 at 19:19

How to debug Mikrotik bridge filter forward rules not having any effect?

1 Answers1