Beginner Basics • Firewall check

/interface listadd name=WANadd name=LAN/interface list memberadd interface=internet list=WANadd interface=bridge1 list=LANadd interface=wireguard1 list=LAN/ip firewall filteradd action=accept chain=forward comment="Allow new connections to the internet from LAN" connection-state=new in-interface-list=LANadd action=accept chain=forward comment="Allow established,related,untracked" connection-state=established,related,untrackedadd action=accept chain=forward comment="Allow port 8086 only for the address list Remote_Probes" dst-port=8086 protocol=tcp src-address-list=Remote_Probesadd action=drop chain=forward comment="Drop All Forwarded"add action=accept chain=input comment="Allow DNS traffic from LAN to router" in-interface-list=LAN port=53 protocol=udpadd action=accept chain=input comment="Allow DNS traffic from LAN to router" in-interface-list=LAN port=53 protocol=tcpadd action=accept chain=input comment="Allow WireGuard traffic" dst-port=13231 protocol=udpadd action=accept chain=input comment="Allow traffic from LAN interface list to the router" in-interface-list=LANadd action=drop chain=input comment="Drop All New"/ip firewall natadd action=masquerade chain=srcnat comment="Enable NAT on WAN interface" out-interface-list=WANadd action=dst-nat chain=dstnat comment="Destination NAT to forward traffic on port 8086 to 172.16.10.3" dst-port=8086 in-interface-list=WAN dst-nat protocol=tcp to-addresses=172.16.10.3 to-ports=8086/ip firewall service-portset ftp disabled=yesset tftp disabled=yesset h323 disabled=yesset sip disabled=yes