June 2019 Archives

Get RouterOS latest version

Vote 0 Votes

curl https://upgrade.mikrotik.com/routeros/LATEST.6

long term
curl https://upgrade.mikrotik.com/routeros/LATEST.6fix

curl https://upgrade.mikrotik.com/routeros/LATEST.6rc

curl https://upgrade.mikrotik.com/routeros/LATEST.7

6.44.3 1556023023
第一個欄位是版本, 第二個欄位應該是 build time (seconds since 1970-01-01 00:00:00 UTC)
目前 development 無資料 (404 Not Found)

因為 IPv6 沒有 NAT, 在 RouterBoard 設置 IPv6 基本防火牆條例是必要的, 否則外部可以使用 IPv6 直連內部的電腦
以下是 PPPoE 環境的 IPv6 基本條例

/ipv6 firewall filter
add action=accept chain=forward connection-state=established in-interface=pppoe-out1 # 容許已建立的連線
add action=accept chain=forward connection-state=related in-interface=pppoe-out1 # 容許關聯連線
add action=accept chain=forward in-interface=pppoe-out1 protocol=icmpv6 # 容許外面 ping 內部電腦
add action=accept chain=forward dst-port=22 in-interface=pppoe-out1 protocol=tcp # 容許外面連內部的 Port 22, 不需要可以移除
add action=accept chain=input in-interface=pppoe-out1 protocol=icmpv6 # 容許外面 ping RouterBoard 本身
add action=accept chain=input comment="DHCPv6 client" dst-port=546 protocol=udp # 容許 DHCPv6 client, 一定要加, 不然會拿不到 IP
add action=drop chain=forward in-interface=pppoe-out1 # DROP 其餘轉發封包
add action=drop chain=input in-interface=pppoe-out1 # DROP 其餘對 RouterBoard 本身的封包, 經由 pppoe-out1 進來
add action=drop chain=input in-interface=ether1 # DROP 其餘對 RouterBoard 本身的封包, 經由 ether1 進來
# 因為 pppoe-out1 是經由 ether1 撥的, 也加上去

這邊的 chain=forward 是指轉發封包, 經過 RouterBoard
chain=input 是指對 RouterBoard 本身
上面的範例 IPv6 外對內就只有 ping 及 Port 22 有通, 內對外不受限制

About this Archive

This page is an archive of entries from June 2019 listed from newest to oldest.

May 2019 is the previous archive.

July 2019 is the next archive.

Find recent content on the main index or look in the archives to find all content.

Monthly Archives