Posts

MTCNA Class 06: Security Management

Class 06: Security Management

Objectives:
- Firewall rules & port blocking
- Site blocking
- VPN/Tunnels overview
- PPPoE system
- Load balancing

1. Firewall Rules & Port Blocking (Baseline Security)

Step 1: Basic Firewall Protection

    /ip firewall filter
    # Allow established & related traffic
    add chain=input connection-state=established,related action=accept comment="Allow established"
    # Drop invalid packets
    add chain=input connection-state=invalid action=drop comment="Drop invalid"
    # Allow LAN access to router
    add chain=input src-address=192.168.0.0/16 action=accept comment="Allow LAN"
    # Drop all other access (WAN protection)
    add chain=input in-interface=WAN action=drop comment="Block WAN access"

Step 2: Block Dangerous Ports (Example)

    # Block Telnet (23), FTP (21), SMB (445)
    add chain=forward protocol=tcp dst-port=21,23,445 action=drop comment="Block risky ports"
    # Block Torrent ports (common range)
    add chain=forward protocol=tcp ...

MTCNA Class-05: Bandwidth Control & Traffic Shaping

Class-05: Bandwidth Control & Traffic Shaping

Objectives:
- Introduction to Bandwidth Management
- Simple Queues for Traffic Limiting
- Managing User Bandwidth with Simple Queues
- Traffic Shaping and Priority Queuing
- Creating ISP packages (burst/day-night plans) & Bandwidth Monitoring

Concept Overview

Bandwidth Management is the process of controlling network traffic to ensure fair distribution of available bandwidth, prevent congestion, and improve performance for critical services.

Traffic Shaping is a bandwidth management technique that delays and regulates packet flow to smooth network traffic, reduce bursts, and meet defined Quality of Service (QoS) policies.

How It Works (Theory)

Bandwidth management in MikroTik is based on traffic classification, marking, and queue scheduling.

Traffic Classification

Identify packets by IP, MAC, port, protocol, or Layer7 (application signatures). Example: Recognizing VoIP packets by UDP port 5060, or identifying YouTube traffic ...