anti dos attack rule for forward

Posted: Mon Dec 30, 2013 6:28 pm
by Ehman
Hi

I've been struggling to make a forward rule to stop an internal IP from DoS attacking an external IP

add action=add-src-to-address-list address-list=Syn_Flooder \
    address-list-timeout=30m chain=forward connection-limit=100,32 protocol=\
    tcp tcp-flags=syn

This rule sucks. It keeps on adding the src and dst to my address list, but I only want to add the src address to my address list. I don't care about the dst IP that is getting attacked. Can someone help me?

When changed to input, the rule works like a charm.

Re: anti dos attack rule for forward

Posted: Mon Dec 30, 2013 6:53 pm
by ditonet
Add 'incoming' and 'outgoing' interfaces as conditions to rule.

HTH,
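
The suggestion above applied to the rule from the first post, as an added example that is not part of the original thread. The interface names `ether2-LAN` and `ether1-WAN` and the follow-up drop rule are assumptions; substitute the router's actual LAN-facing and WAN-facing interfaces.

```routeros
/ip firewall filter

# Before (from the first post): no interface conditions, so the rule matches
# forwarded SYN-flagged packets in either direction and lists whichever
# address is the source of each matching packet.
# add action=add-src-to-address-list address-list=Syn_Flooder \
#     address-list-timeout=30m chain=forward connection-limit=100,32 \
#     protocol=tcp tcp-flags=syn

# After: only packets entering on the LAN interface and leaving on the WAN
# interface are matched, so only internal sources can be added to the list.
# Interface names are assumed for this example.
add action=add-src-to-address-list address-list=Syn_Flooder \
    address-list-timeout=30m chain=forward connection-limit=100,32 \
    in-interface=ether2-LAN out-interface=ether1-WAN \
    protocol=tcp tcp-flags=syn \
    comment="list internal hosts exceeding 100 connections"

# Assumed follow-up (not in the thread): drop outbound traffic from hosts
# on the list until their 30m timeout expires.
add action=drop chain=forward in-interface=ether2-LAN \
    out-interface=ether1-WAN src-address-list=Syn_Flooder \
    comment="drop listed internal flooders"
```

Checking `/ip firewall address-list print where list=Syn_Flooder` after the change shows whether only internal addresses are being recorded.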

Re: anti dos attack rule for forward

Posted: Mon Dec 30, 2013 10:59 pm
by Ehman
Add 'incoming' and 'outgoing' interfaces as conditions to rule.

HTH,
I'm such an idiot sometimes :lol: ... thx mate :D