User Tools

Site Tools


mikrotik_firewall_bruteforce_protection

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
mikrotik_firewall_bruteforce_protection [2019/12/24 10:43]
admin
mikrotik_firewall_bruteforce_protection [2020/04/29 18:55]
admin
Line 1: Line 1:
 <code> <code>
 /ip firewall filter /ip firewall filter
-add action=jump chain=input comment="catch new UDP connections" connection-state=new dst-port=500,4500,1701,53 in-interface-list=WAN jump-target=anti-bruteforce protocol=udp src-address-list=!hosts.allow +add action=jump chain=input comment="catch new UDP connections" connection-state=new dst-port=500,4500,1701 in-interface-list=WAN jump-target=anti-bruteforce protocol=udp src-address-list=!hosts.allow 
-add action=jump chain=input comment="catch new TCP connections" connection-state=new dst-port=1723,22,8291,53 in-interface-list=WAN jump-target=anti-bruteforce protocol=tcp src-address-list=!hosts.allow +add action=jump chain=input comment="catch new TCP connections" connection-state=new dst-port=1723,22,53 in-interface-list=WAN jump-target=anti-bruteforce protocol=tcp src-address-list=!hosts.allow 
-add action=jump chain=forward comment="catch new UDP connections" connection-state=new dst-port=500,4500,1701 in-interface-list=WAN jump-target=anti-bruteforce protocol=udp src-address-list=!hosts.allow+
 add action=jump chain=forward comment="catch new TCP connections" connection-state=new dst-port=22,3389 in-interface-list=WAN jump-target=anti-bruteforce protocol=tcp src-address-list=!hosts.allow add action=jump chain=forward comment="catch new TCP connections" connection-state=new dst-port=22,3389 in-interface-list=WAN jump-target=anti-bruteforce protocol=tcp src-address-list=!hosts.allow
 add action=return chain=anti-bruteforce comment="return (allow) some catched connections back to main firewall flow" dst-limit=6/1m,6,src-address/2m add action=return chain=anti-bruteforce comment="return (allow) some catched connections back to main firewall flow" dst-limit=6/1m,6,src-address/2m
mikrotik_firewall_bruteforce_protection.txt · Last modified: 2020/04/29 18:55 by admin