Dear Friends,
I own a small WISP today I'm getting this error when I'm trying to use the search engine, like Google and yahoo..
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.
How can i know which of my clients are sending this automated queries?
Waiting for your reply.. Thank u all!
Re: cannot search google !!
I think you have just setup your firewall incorectlyDear Friends,
I own a small WISP today I'm getting this error when I'm trying to use the search engine, like Google and yahoo..
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.
How can i know which of my clients are sending this automated queries?
Waiting for your reply.. Thank u all!
At the first i think you're using web proxy but it can be also used from remote computers on your public IP probably on port 8080 TCP. So free web proxies is searching for this security bad configurations and use them for access Google, Yahoo and dangerous websites; It slows down your connection and may cause heavy load on your RouterBoard. Also check, you have to drop UDP 53 for DNS queries from public (heavy load on RouterBoard by public servers). Idealy allow only some traffic on input (public IP) such as port 22, 8291 and everything other on public IP drop. Feel free to ask for more specific answer and give reply if your problem was Web proxy 
-
-
bronco1980
Frequent Visitor
- Posts: 63
- Joined:
Re: cannot search google !!
Thank you for your reply,
can you please give me an example on how to drop UDP 53 for DNS queries from public?
can you please give me an example on how to drop UDP 53 for DNS queries from public?
Re: cannot search google !!
Very simply using firewallThank you for your reply,
can you please give me an example on how to drop UDP 53 for DNS queries from public?
DNS queries can come to UDP and TCP port 53, so if your public IP address is for example 1.2.3.4
ros code
/ip firewall filter add action=drop chain=input dst-address=1.2.3.4 protocol=tcp \ port=53 comment="Drop incoming TCP DNS queries on public IP" add action=drop chain=input dst-address=1.2.3.4 protocol=udp \ port=53 comment="Drop incoming UDP DNS queries on public IP"If you have more than one public IP address you can use firewall address list and also you can use incoming interface in rule. Was Web Proxy enabled on public IP?
-
-
bronco1980
Frequent Visitor
- Posts: 63
- Joined:
Re: cannot search google !!
thank u my friend,
I guess the problem was in NAT,
chain=dstnat action=redirect to-addresses=0.0.0.0 to-ports=53 protocol=tcp
dst-port=53
chain=dstnat action=redirect to-addresses=0.0.0.0 to-ports=53 protocol=udp
dst-port=53
i have disabled them also,
thank u again my friend
I guess the problem was in NAT,
chain=dstnat action=redirect to-addresses=0.0.0.0 to-ports=53 protocol=tcp
dst-port=53
chain=dstnat action=redirect to-addresses=0.0.0.0 to-ports=53 protocol=udp
dst-port=53
i have disabled them also,
thank u again my friend