Firewall and Quality of Service
This section covers RouterOS firewall, NAT, connection tracking, queues, packet flow, and QoS features. Use it to secure traffic, classify packets, and control bandwidth or forwarding behavior.
Connection tracking
Connection tracking in MikroTik RouterOS enables stateful firewall functionality by monitoring logical network connections, supporting NAT and various firewall features. It assigns packets to states like new, established, related, invalid, or untracked, with FastTrack optimizing TCP/UDP packet forwarding.
Firewall
6 items
Firewall and QoS Case Studies
5 items
Kid Control
Kid Control is a RouterOS feature allowing parental control over LAN devices by setting daily internet access schedules, bandwidth limits, and device-specific restrictions through profiles and firewall rules.
NAT-PMP
NAT-PMP is a protocol enabling transparent peer-to-peer connectivity by mapping internal IPv4 addresses to external ones via dynamic NAT rules, using UDP ports 5350 and 5351 on client and server sides respectively.
Packet Flow in RouterOS
This page explains how data packets flow through MikroTik RouterOS, detailing the interaction between bridging, routing, MPLS decisions, and firewall chains. It includes diagrams illustrating packet processing stages from entry to exit points, along with descriptions of key components like routing tables and firewall chains.
Queues
5 items
UPnP
MikroTik RouterOS supports UPnP for transparent peer-to-peer connectivity, enabling dynamic network discovery and NAT traversal. The documentation covers general properties like interface types (internal/external) and security settings, along with configuration examples for enabling UPnP on router interfaces.