Community discussions

MikroTik App
  4. RouterOS
  5. General

dst rate limiting

Post Reply
 
alexandrecorrea
just joined
Topic Author
Posts: 23
Joined: Fri Sep 22, 2006 6:18 pm
Location: Sacramento, MG, Brasil
Contact:
Contact alexandrecorrea

dst rate limiting

Wed Jan 07, 2009 7:32 am

how i can build rule filter in forward chain to match ip src that try to connect to one port but different dst addres... if src try to stablish connection o same port on many diferrent hosts.. i need to log or add to address list..

it´s to identify users with worm using remote SMTP to send spam... and need to identify these clients....

example:

src ip 192.168.100.33 request 5 new connections to port 25 on differents dst address less tan 1 sec.. add this src addres to one address-list...

.. this rule
Code: Select all
/ ip firewall filter
add action=add-src-to-address-list address-list=smtp-flood address-list-timeout=0s chain=forward comment="" connection-state=new \
    connection-type="" disabled=no dst-limit=1,5,dst-address/1m40s dst-port=25 protocol=tcp src-address-list=client_ips
do this ?

thanks
Top
 
marlowbg
newbie
Posts: 33
Joined: Wed Oct 06, 2010 4:23 pm

Re: dst rate limiting

Fri Mar 25, 2016 11:33 am

I'm also looking to achieve this.

Any help?
Top
Post Reply
  4. RouterOS
  5. General