• redirect - redirect the packet to the bridge itself (only valid in dstnat chain)
• return - return to the previous chain, from where the jump took place
• src-nat - change source MAC address of a packet (only valid in srcnat chain)
out-bridge ( name ) - outgoing bridge interface
out-interface ( name ) - interface via packet is leaving the bridge
to-arp-reply-mac-address ( MAC address ) - source MAC address to put in Ethernet frame and
ARP payload, when action=arp-reply is selected
to-dst-mac-address ( MAC address ) - destination MAC address to put in Ethernet frames, when
action=dst-nat is selected
to-src-mac-address ( MAC address ) - source MAC address to put in Ethernet frames, when
action=src-nat is selected
Bridge Brouting Facility
Home menu level: /interface bridge broute
Description
This section describes broute facility specific options, which were omitted in the general firewall
description
The Brouting table is applied to every packet entering a forwarding enslaved interface (i.e., it does
not work on regular interfaces, which are not included in a bridge)
Property Description
action ( accept | drop | dst-nat | jump | log | mark | passthrough | redirect | return ; default: accept )
- action to undertake if the packet matches the rule, one of the:
• accept - let the bridging code decide, what to do with this packet
• drop - extract the packet from bridging code, making it appear just like it would come from a
not-bridged interface (no further bridge decisions or filters will be applied to this packet except
if the packet would be router out to a bridged interface, in which case the packet would be
processed normally, just like any other routed packet )
• dst-nat - change destination MAC address of a packet (only valid in dstnat chain), an let
bridging code to decide further actions
• jump - jump to the chain specified by the value of the jump-target argument
• log - log the packet
• mark - mark the packet to use the mark later
• passthrough - ignore this rule and go on to the next one. Acts the same way as a disabled rule,
except for ability to count packets
• redirect - redirect the packet to the bridge itself (only valid in dstnat chain), an let bridging
code to decide further actions
• return - return to the previous chain, from where the jump took place
to-dst-mac-address ( MAC address ) - destination MAC address to put in Ethernet frames, when
action=dst-nat is selected
Page 167 of 695
Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
To Next Page
Loading...
General