Firewall add to src-list
Posted: Sun Mar 18, 2018 9:30 pm
Please help.I need example rule for example if src-add sends tcp-syn packet more X packet/sec for X sec or if src X packet/sec reach add to source list.Thanks for future help.
dst-limit
dst-port
forward
input
place-before
/ip firewall filter
add chain=limiter action=return dst-limit=10/5s,10,src-and-dst-addresses
add chain=limiter action=add-src-to-address-list address-list=syn-rate-exceeded
add chain=limiter action=return
add chain=forward action=jump jump-target=limiter protocol=tcp tcp-flags=syn in-interface=ether1 [dst-port=22,443 place-before=3]