...
By default mac server runs on all interfaces, so we will disable default all entry and add a local interface to disallow MAC connectivity from the WAN port. MAC Telnet Server feature allows you to apply restrictions to the interface "list".
First, create an interface list:
| Code Block |
|---|
| language | textros |
|---|
| theme | FadeToGrey |
|---|
|
[admin@MikroTik] > /tool mac-server> print
Flags: X - disabled, * - default
# INTERFACE
0 * allinterface list add name=listBridge |
Then, add your previously created bridge named "local" to the interface list:
| Code Block |
|---|
|
[admin@MikroTik] > /interface list member add list=listBridge interface=local |
Apply newly created "list" (of interfaces) to the MAC server:
| Code Block |
|---|
|
/[admin@MikroTik] > tool mac-server
disable 0;
add interface=local;set allowed-interface-list=listBridge |
Do the same for Winbox MAC access
| Code Block |
|---|
|
/[admin@MikroTik] > tool mac-server mac-winbox
disable 0;
add interface=local; set allowed-interface-list=listBridge |
| Section |
|---|
Winbox/Webfig actions: |
| Section |
|---|
Winbox/Webfig actions: | Column |
|---|
| - Open Interfaces → Interface List → Lists window and add a new list by clicking "+";
- Input the interface list name "listBridge" into the Name field and click OK;
- Go back to the Interfaces → Interface List section and click "+";
- Select "listBridge" from the dropdown List options and select "local" from the dropdown Interface options;
| - Open Tools -> Mac Server window, Telnet Interfaces tab should be selected;
- Click on the + "MAC Telnet Server" button, a new dialog will open;
- Select interface local form the newly created list "listBridge" from the dropdown list and click on OK button to apply settings;
- From the list of entries in the Telnet Interface tab select all and click on x to disable the selected entry.
|
| Column |
|---|
|
|
Do the same in the MAC Winbox InterfaceServer tab to block Mac Winbox connections from the internet
...