Народ нужна помощь не могу прокинуть порты. Конфиг фаервола микротика
ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Minecraft
chain=dstnat action=dst-nat to-addresses=192.168.1.99 to-ports=25565 protocol=tcp dst-port=25565
1 ;;; Internet Domolink
chain=srcnat action=masquerade src-address-list=Green out-interface=Domolink
2 X ;;; Green OpenVPN
chain=dstnat action=dst-nat to-addresses=192.168.1.111 to-ports=8888 protocol=tcp dst-port=8888
3 X ;;; Centos Samba
chain=dstnat action=dst-nat to-addresses=192.168.1.100 to-ports=137 protocol=udp dst-address=10.8.0.0/24 dst-port=137
4 X chain=dstnat action=dst-nat to-addresses=192.168.1.100 to-ports=139 protocol=udp dst-address=10.8.0.0/24 dst-port=138
5 X chain=dstnat action=dst-nat to-addresses=192.168.1.100 to-ports=139 protocol=tcp dst-address=10.8.0.0/24 dst-port=139
6 X chain=dstnat action=dst-nat to-addresses=192.168.1.100 to-ports=445 protocol=tcp dst-address=10.8.0.0/24 dst-port=445
7 X ;;; PPTP Linux
chain=dstnat action=dst-nat to-addresses=192.168.1.111 to-ports=1723 protocol=tcp dst-port=1723
8 X chain=dstnat action=dst-nat to-addresses=192.168.1.111 protocol=gre
ip firewall filter print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Allow IKE
chain=input action=accept protocol=udp dst-port=500
1 ;;; Allow IPSec-esp
chain=input action=accept protocol=ipsec-esp
2 ;;; Allow IPSec-ah
chain=input action=accept protocol=ipsec-ah
3 ;;; IPTV
chain=input action=accept protocol=udp dst-port=5000
4 chain=input action=accept protocol=igmp
5 ;;; Minecraft
chain=forward action=accept protocol=tcp dst-port=25565
6 X ;;; OpenVPN
chain=input action=accept protocol=tcp dst-port=1194
7 X chain=input action=accept protocol=tcp dst-port=443
8 X ;;; Green OpenVPN
chain=forward action=accept protocol=tcp dst-port=8888
9 X ;;; Centos Samba
chain=forward action=accept protocol=udp dst-address=10.8.0.0/24 dst-port=137
10 X chain=forward action=accept protocol=udp dst-address=10.8.0.0/24 dst-port=138
11 X chain=forward action=accept protocol=tcp dst-address=10.8.0.0/24 dst-port=139
12 X chain=forward action=accept protocol=tcp dst-address=10.8.0.0/24 dst-port=445
13 X ;;;
chain=forward action=reject reject-with=tcp-reset protocol=tcp src-address=192.168.1.99 in-interface=!Domolink content=Host: ok.ru
14 ;;; -
chain=forward action=add-src-to-address-list protocol=tcp src-address-list=!spamer address-list=spamer address-list-timeout=30s
dst-port=25 connection-limit=30,32 limit=50,5
15 ;;; Allowed PPTP
chain=input action=accept protocol=tcp dst-port=1723
16 chain=input action=accept protocol=gre
17 X ;;; Allowed PPTP Green
chain=forward action=accept protocol=tcp dst-port=1723
18 X chain=forward action=accept protocol=gre
19 X ;;; Allowed L2TP
chain=input action=accept protocol=tcp dst-port=1701
20 ;;; ssh
chain=input action=accept protocol=tcp dst-port=8291
21 ;;; FTP
chain=input action=accept protocol=tcp dst-port=21
22 ;;; Drop invalid connections
chain=input action=drop connection-state=invalid
23 ;;; Allow esatblished connections
chain=input action=accept connection-state=established
24 ;;; Allow related connections
chain=input action=accept connection-state=related
25 ;;; Allow UDP
chain=input action=accept protocol=udp
26 ;;; Allow ICMP
chain=input action=accept protocol=icmp
27 ;;; Allow connection to router from local network
chain=input action=accept in-interface=!Domolink
28 ;;; Drop everything else
chain=input action=drop
29 chain=forward action=jump jump-target=customer in-interface=Domolink
30 ;;; Drop invalid connection packets
chain=customer action=drop connection-state=invalid
31 ;;; Allow esatblished connections
chain=customer action=accept connection-state=established
32 ;;; Allow related connections
chain=customer action=accept connection-state=related
33 ;;; Drop and log everything else
chain=customer action=drop
