Page 1 of 1
How to block SMB protocol
Posted: Mon Jun 12, 2017 10:59 pm
by Theennd
Hi some of my ips sent bandwidth to ips with smb protocol and i want to block SMB on my network on mikrotik how can i do this ? i didnt see anything on this forum
Re: How to block SMB protocol
Posted: Mon Jun 12, 2017 11:50 pm
by ZeroByte
In the forwarding chain, add a rule which drops packet whose dst-port=445
Re: How to block SMB protocol
Posted: Mon Jun 12, 2017 11:54 pm
by Theennd
In the forwarding chain, add a rule which drops packet whose dst-port=445
i do this but nothing happend smb steal open
Re: How to block SMB protocol
Posted: Mon Jun 12, 2017 11:57 pm
by ZeroByte
Make sure that the rule comes before any other rule that would accept the packets.
For instance, if there's a rule in the forward chain which accepts all packets when out-interface=WAN, and if this rule comes before (above) your "block SMB" rule, then the block rule is never going to get a chance to match because the firewall stops as soon as it matches a packet. (just drag your block rule higher up the list - (preferably after the "accept connection-state=established,related" rule)
Re: How to block SMB protocol
Posted: Mon Jun 12, 2017 11:57 pm
by msatter
I am puzzled by this and to me you are sending out to random addresses or to addresses that you are already were talking to.
viewtopic.php?f=13&t=121584&hilit=:445