Skip to content

Add-RouterOsIpFirewallFilter

SYNOPSIS

Add firewall filter

SYNTAX

Default

Add-RouterOsIpFirewallFilter [-ComputerName] <String> [-Port] <Int32> [-Credential] <PSCredential>
 [-ShowCommand] [-Action <String>] [-AddressList <String>] [-AddressListTimeout <String>] [-Chain <String>]
 [-Comment <String>] [-ConnectionBytes <String>] [-ConnectionLimit <String>] [-ConnectionMark <String>]
 [-ConnectionNatState <String>] [-ConnectionRate <String>] [-ConnectionState <String>]
 [-ConnectionType <String>] [-Content <String>] [-CopyFrom <String>] [-Disabled <String>] [-Dscp <String>]
 [-DstAddress <String>] [-DstAddressList <String>] [-DstAddressType <String>] [-DstLimit <String>]
 [-DstPort <String>] [-Fragment <String>] [-Hotspot <String>] [-HwOffload <String>] [-IcmpOptions <String>]
 [-InBridgePort <String>] [-InBridgePortList <String>] [-InInterface <String>] [-InInterfaceList <String>]
 [-IngressPriority <String>] [-IpsecPolicy <String>] [-Ipv4Options <String>] [-JumpTarget <String>]
 [-Layer7Protocol <String>] [-Limit <String>] [-Log <String>] [-LogPrefix <String>] [-Nth <String>]
 [-OutBridgePort <String>] [-OutBridgePortList <String>] [-OutInterface <String>] [-OutInterfaceList <String>]
 [-P2p <String>] [-PacketMark <String>] [-PacketSize <String>] [-PerConnectionClassifier <String>]
 [-PlaceBefore <String>] [-FirewallPort <String>] [-Priority <String>] [-Protocol <String>] [-Psd <String>]
 [-Random <String>] [-Realm <String>] [-RejectWith <String>] [-RoutingMark <String>] [-SrcAddress <String>]
 [-SrcAddressList <String>] [-SrcAddressType <String>] [-SrcMacAddress <String>] [-SrcPort <String>]
 [-TcpFlags <String>] [-TcpMss <String>] [-Time <String>] [-TlsHost <String>] [-Ttl <String>]
 [-ProgressAction <ActionPreference>] [<CommonParameters>]

Session

Add-RouterOsIpFirewallFilter [-ShowCommand] -Session <RouterOsSession> [-Action <String>]
 [-AddressList <String>] [-AddressListTimeout <String>] [-Chain <String>] [-Comment <String>]
 [-ConnectionBytes <String>] [-ConnectionLimit <String>] [-ConnectionMark <String>]
 [-ConnectionNatState <String>] [-ConnectionRate <String>] [-ConnectionState <String>]
 [-ConnectionType <String>] [-Content <String>] [-CopyFrom <String>] [-Disabled <String>] [-Dscp <String>]
 [-DstAddress <String>] [-DstAddressList <String>] [-DstAddressType <String>] [-DstLimit <String>]
 [-DstPort <String>] [-Fragment <String>] [-Hotspot <String>] [-HwOffload <String>] [-IcmpOptions <String>]
 [-InBridgePort <String>] [-InBridgePortList <String>] [-InInterface <String>] [-InInterfaceList <String>]
 [-IngressPriority <String>] [-IpsecPolicy <String>] [-Ipv4Options <String>] [-JumpTarget <String>]
 [-Layer7Protocol <String>] [-Limit <String>] [-Log <String>] [-LogPrefix <String>] [-Nth <String>]
 [-OutBridgePort <String>] [-OutBridgePortList <String>] [-OutInterface <String>] [-OutInterfaceList <String>]
 [-P2p <String>] [-PacketMark <String>] [-PacketSize <String>] [-PerConnectionClassifier <String>]
 [-PlaceBefore <String>] [-FirewallPort <String>] [-Priority <String>] [-Protocol <String>] [-Psd <String>]
 [-Random <String>] [-Realm <String>] [-RejectWith <String>] [-RoutingMark <String>] [-SrcAddress <String>]
 [-SrcAddressList <String>] [-SrcAddressType <String>] [-SrcMacAddress <String>] [-SrcPort <String>]
 [-TcpFlags <String>] [-TcpMss <String>] [-Time <String>] [-TlsHost <String>] [-Ttl <String>]
 [-ProgressAction <ActionPreference>] [<CommonParameters>]

DESCRIPTION

Add firewall filter

EXAMPLES

Example

Using Session
$Credential = $([pscredential]::New('admin',$(ConvertTo-SecureString -String 'admin' -AsPlainText -Force)))
$session = New-RouterOsSession -ComputerName '10.0.0.1' -Port 22 -Credential $Credential
Add-RouterOsIpFirewallFilter -Session $session -Action accept -Chain input -Comment "defconf: accept ICMP after RAW" -Protocol icmp
Remove-RouterOsSession -Session $session
RouterOS CLI
/ip firewall filter add action=accept chain=input comment="defconf: accept ICMP after RAW" protocol=icmp

Example

Using PSCredential
$Credential = $([pscredential]::New('admin',$(ConvertTo-SecureString -String 'admin' -AsPlainText -Force)))
Add-RouterOsIpFirewallFilter -ComputerName '10.0.0.1' -Port 22 -Credential $Credential -Action accept -Chain input -Comment "defconf: accept ICMP after RAW" -Protocol icmp
RouterOS CLI
/ip/firewall/filter/add action=accept chain=input comment="defconf: accept ICMP after RAW" protocol=icmp

PARAMETERS

-Action

{{ Fill Action Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: accept, add-dst-to-address-list, add-src-to-address-list, drop, fasttrack-connection, jump, log, passthrough, reject, return, tarpit

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-AddressList

{{ Fill AddressList Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: forward, input, output

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-AddressListTimeout

{{ Fill AddressListTimeout Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Chain

{{ Fill Chain Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Comment

{{ Fill Comment Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ComputerName

{{ Fill ComputerName Description }}

Type: String
Parameter Sets: Default
Aliases:

Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-ConnectionBytes

{{ Fill ConnectionBytes Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ConnectionLimit

{{ Fill ConnectionLimit Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ConnectionMark

{{ Fill ConnectionMark Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ConnectionNatState

{{ Fill ConnectionNatState Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: dstnat, ein-dnat, ein-snat, srcnat, !

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ConnectionRate

{{ Fill ConnectionRate Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ConnectionState

{{ Fill ConnectionState Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: established, invalid, new, related, untracked, !

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ConnectionType

{{ Fill ConnectionType Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: ftp, h323, irc, pptp, quake3, sip, tftp, !

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Content

{{ Fill Content Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-CopyFrom

{{ Fill CopyFrom Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Credential

{{ Fill Credential Description }}

Type: PSCredential
Parameter Sets: Default
Aliases:

Required: True
Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-Disabled

{{ Fill Disabled Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: yes, no

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Dscp

{{ Fill Dscp Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-DstAddress

{{ Fill DstAddress Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-DstAddressList

{{ Fill DstAddressList Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-DstAddressType

{{ Fill DstAddressType Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: blackhole, broadcast, local, multicast, unicast, !

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-DstLimit

{{ Fill DstLimit Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-DstPort

{{ Fill DstPort Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-FirewallPort

{{ Fill FirewallPort Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Fragment

{{ Fill Fragment Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: yes, no

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Hotspot

{{ Fill Hotspot Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: auth, from-client, http, local-dst, to-client, !

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-HwOffload

{{ Fill HwOffload Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: yes, no

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-IcmpOptions

{{ Fill IcmpOptions Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-InBridgePort

{{ Fill InBridgePort Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-InBridgePortList

{{ Fill InBridgePortList Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-InInterface

{{ Fill InInterface Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-InInterfaceList

{{ Fill InInterfaceList Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-IngressPriority

{{ Fill IngressPriority Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-IpsecPolicy

{{ Fill IpsecPolicy Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: in, out

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Ipv4Options

{{ Fill Ipv4Options Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-JumpTarget

{{ Fill JumpTarget Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: forward, input, output

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Layer7Protocol

{{ Fill Layer7Protocol Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Limit

{{ Fill Limit Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Log

{{ Fill Log Description }}

Type: String
Parameter Sets: (All)
Aliases:
Accepted values: yes, no

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-LogPrefix

{{ Fill LogPrefix Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Nth

{{ Fill Nth Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-OutBridgePort

{{ Fill OutBridgePort Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-OutBridgePortList

{{ Fill OutBridgePortList Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-OutInterface

{{ Fill OutInterface Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-OutInterfaceList

{{ Fill OutInterfaceList Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-P2p

{{ Fill P2p Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-PacketMark

{{ Fill PacketMark Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-PacketSize

{{ Fill PacketSize Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-PerConnectionClassifier

{{ Fill PerConnectionClassifier Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-PlaceBefore

{{ Fill PlaceBefore Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Port

{{ Fill Port Description }}

Type: Int32
Parameter Sets: Default
Aliases:

Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-Priority

{{ Fill Priority Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Protocol

{{ Fill Protocol Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Psd

{{ Fill Psd Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Random

{{ Fill Random Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Realm

{{ Fill Realm Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-RejectWith

{{ Fill RejectWith Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-RoutingMark

{{ Fill RoutingMark Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Session

{{ Fill Session Description }}

Type: RouterOsSession
Parameter Sets: Session
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-ShowCommand

{{ Fill ShowCommand Description }}

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-SrcAddress

{{ Fill SrcAddress Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-SrcAddressList

{{ Fill SrcAddressList Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-SrcAddressType

{{ Fill SrcAddressType Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-SrcMacAddress

{{ Fill SrcMacAddress Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-SrcPort

{{ Fill SrcPort Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-TcpFlags

{{ Fill TcpFlags Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-TcpMss

{{ Fill TcpMss Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Time

{{ Fill Time Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-TlsHost

{{ Fill TlsHost Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Ttl

{{ Fill Ttl Description }}

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ProgressAction

{{ Fill ProgressAction Description }}

Type: ActionPreference
Parameter Sets: (All)
Aliases: proga

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

System.String

System.Int32

System.Management.Automation.PSCredential

psrouteros.Helper.RouterOsSession

OUTPUTS

System.Void

NOTES