Print

Simple Mikrotik Syntax

Posted in How Did I Do That?

I have Mikrotik stuff elsewhere, but this is for quick reference

SOHO Port forwarding

/ip firewall nat add chain=dstnat dst-address=66.21.14.0/24 protocol=tcp dst-port=20111 \
    action=dst-nat to-addresses=10.10.3.101 to-ports=22

Firewall Rule that Includes Duration

add chain=input comment="Allow limited pings" limit=50/5s,2 protocol=icmp

Bandwidth Throttling

/queue simple add name="bw-throttle" target=wlan1 parent=none packet-marks="" priority=8/8 \
      max-limit=3M/3M burst-limit=6M/6M burst-threshold=3500k/3500k \
      burst-time=15s/15s total-max-limit=6500k

Throttle By MAC

/ip firewall mangle
add chain=prerouting action=mark-connection new-connection-mark=target_device_1 passthrough=yes \
src-mac-address=00:11:6B:00:0C:09
add chain=prerouting action=mark-packet new-packet-mark=target_device_1_packet passthrough=yes \
connection-mark=target_device_1
# Fix mac (above) and target (below) and test
/queue simple
add name="target_device_1_queue" packet-marks=target_device_1_packet burst-limit=5M/1300k \
burst-threshold=3250k/1100k burst-time=30s/30s disabled=no max-limit=3M/1M total-max-limit=5M target=bridge1

Parent/Child Queues

/queue simple
add comment="Limit all BW on bridge2 to 2M" max-limit=350k/2300k name=\
    "3 B2-Parent" queue=default/default target=bridge2 total-max-limit=2300k \
    total-queue=default
add burst-limit=350k/1200k burst-threshold=275k/1M burst-time=30s/30s dst=\
    bridge2 max-limit=250k/1M name="04 Device.201" parent="3 B2-Parent" queue=\
    default/default target=172.17.32.201/32 total-max-limit=1M total-queue=\
    default
add burst-limit=350k/1200k burst-threshold=275k/1M burst-time=30s/30s dst=\
    bridge2 max-limit=250k/1200k name="05 Device.64" parent="3 B2-Parent" queue=\
    default/default target=172.17.32.64/32 total-max-limit=1200k total-queue=\
    default