MikroTik

Is there any way to build a firewall rule to block PPPoE discovey broadcasts?

Ethertype = 8863 (PPPoE Discovery)

Use bridge firewall in "/interface bridge firewall" menu

Eugene:

would it be possible to have the ability to match pppoe specific packet fields added to bridge filter?

Thanks, that was what I was looking for.

Dear Sir,

i am running PPPoE server in router mode how can i enable the bridge firewall ?? if i enable bridge firewall that wont affect the rule

Nishit

Dear Sir,

i am running PPPoE server in router mode how can i enable the bridge firewall ?? if i enable bridge firewall that wont affect the rule

Nishit

You probably need to give more info on your config and what you are trying to achieve. PPPoE discovery broadcasts are not forwarded/routed at layer 3.

Dear Sir,


I have customer running on PPPoE but customer are connecting threw PPPoE username and password & found that in tourch 0.0.0.0 with traffic approx 2Mbps + due to the same customer are getting error Connecting Throw WAN MiniPort (678)

can you advice how i drop this 0.0.0.0 traffic

NIshit

The 0.0.0.0 traffic could be PPPoE session traffic. Which MAC protocol does it show?

Dear Sir,

it is not showing any protocol also can you can see attached screen shot

Nshit

The 8864 traffic looks like PPPoE session traffic. From your original question I can't tell what seems unusual about it.

Dear Sir,

does this traffic is normal traffic ?? As my customer are getting all time WAN miniport 678 error in case of connecting threw PPPoE Client

Nishit

hi i need to block certain clients after some bad password attempts and blocking time will be 10 min..

how can i do that in mikrotik using bridge and firewall...
i am doing this but its not time level.

/interface bridge filter
add action=drop chain=input disabled=no mac-protocol=pppoe-discovery src-mac-address=00:23:AE:A8:1F:7F/FF:FF:FF:FF:FF:FF


i need this with automatically mac address catch and then this mac will block for 10 min.. is it possible?