Community discussions

MikroTik App
 
User avatar
ViREnG
Member Candidate
Member Candidate
Topic Author
Posts: 229
Joined: Tue Aug 11, 2009 4:01 pm
Location: Boryspil

Block a PORT for 1 Minute per 10 Minute !

Tue Feb 22, 2011 7:09 pm

Hey Friends ;)
i Wanna Block a Port for 1 Minute for each 10 Minute ...
Mean : users can Use That Port 9 Minute if 10 Minute ... Blocking 1min of 10 Min.

for Adding That Should Add a Thousands of Filter rule time with Specified of time :shock:
Rule 1 , Block Port time=00:01-00:02
Rule 2 , Block Port time=00:11-00:12
Rule 3 , Block Port time=00:21-00:22
Rule 4 , Block Port time=00:31-00:32
Rule N .....

How Can i work it with an a Easy Way , Like a Script Run a 1 Rule for 1 min of 10 min .

Thanks ;)
 
Feklar
Forum Guru
Forum Guru
Posts: 1724
Joined: Tue Dec 01, 2009 11:46 pm

Re: Block a PORT for 1 Minute per 10 Minute !

Tue Feb 22, 2011 7:17 pm

Write a script that will enable a filter rule that will enable a firewall rule that will drop connection for that port, put in a delay of 60 and disable the rule with the next line. Run the script every 10 minutes.
 
User avatar
ViREnG
Member Candidate
Member Candidate
Topic Author
Posts: 229
Joined: Tue Aug 11, 2009 4:01 pm
Location: Boryspil

Re: Block a PORT for 1 Minute per 10 Minute !

Wed Feb 23, 2011 7:51 am

i don't Know about scripting on MikroTik :?
Can You Write a Example ?
Thanks ;)
 
 
User avatar
ViREnG
Member Candidate
Member Candidate
Topic Author
Posts: 229
Joined: Tue Aug 11, 2009 4:01 pm
Location: Boryspil

Re: Block a PORT for 1 Minute per 10 Minute !

Wed Feb 23, 2011 10:01 am

This is my Filter Rule :
chain=forward action=drop protocol=tcp src-address=192.168.85.0/24 dst-port=21 comment=block
what Scheduler i must be add , for 1 minute of every 10 minute ? can write This example with above filter rule ?

Thanks ;)
 
User avatar
m4rk0
Member Candidate
Member Candidate
Posts: 196
Joined: Sat Feb 16, 2008 8:30 pm
Location: BA
Contact:

Re: Block a PORT for 1 Minute per 10 Minute !

Wed Feb 23, 2011 1:30 pm

This is my Filter Rule :
chain=forward action=drop protocol=tcp src-address=192.168.85.0/24 dst-port=21 comment=block
what Scheduler i must be add , for 1 minute of every 10 minute ? can write This example with above filter rule ?

Thanks ;)
Now in scheduler use combination of INTERVAL and DELAY :)
 
Feklar
Forum Guru
Forum Guru
Posts: 1724
Joined: Tue Dec 01, 2009 11:46 pm

Re: Block a PORT for 1 Minute per 10 Minute !

Wed Feb 23, 2011 4:23 pm

/ip firewall filter enable [find comment="block"]
:delay 60
/ip firewall filter disable [find comment="block"]
Set up a scheduler to run this every 10 minutes. It will look in the firewall filter for any rules with the comment of "block" and enable them. It will then wait 60 seconds and run the final command of disabling anything with the comment of "block"
 
User avatar
ViREnG
Member Candidate
Member Candidate
Topic Author
Posts: 229
Joined: Tue Aug 11, 2009 4:01 pm
Location: Boryspil

Re: Block a PORT for 1 Minute per 10 Minute !

Fri Feb 25, 2011 8:33 pm

Here is My Scheduler :
[admin@MyRouter] /system scheduler> print
Flags: X - disabled 
 #   NAME           START-DATE  START-TIME         INTERVAL             ON-EVENT         RUN-COUNT 
 0   run10min       jan/01/1970 21:48:34           33s                  test22           7          
& This The Script :
[admin@My Router] /system scheduler> /system scri print
Flags: I - invalid 
 0   name="test22" owner="admin" 
     policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive 
     last-started=feb/25/2011 21:54:02 run-count=5 
     source=
       /ip firewall filter enable [find comment="block"]
       :delay 10
       /ip firewall filter disable [find comment="block"]
but The Scheduler don't Run The Script , Scheduler Run in That Interval Times , but Don't Run The Script
~Thats Run Count on The Script Section is Manual Run by me .

What i Do Now ? :?
 
User avatar
ViREnG
Member Candidate
Member Candidate
Topic Author
Posts: 229
Joined: Tue Aug 11, 2009 4:01 pm
Location: Boryspil

Re: Block a PORT for 1 Minute per 10 Minute !

Mon Feb 28, 2011 11:37 am

anyone know , what i do for Working it ?
where is The Problem ?
 
User avatar
ViREnG
Member Candidate
Member Candidate
Topic Author
Posts: 229
Joined: Tue Aug 11, 2009 4:01 pm
Location: Boryspil

Re: Block a PORT for 1 Minute per 10 Minute !

Mon Feb 28, 2011 4:16 pm

Here is My Scheduler :
[admin@MyRouter] /system scheduler> print
Flags: X - disabled 
 #   NAME           START-DATE  START-TIME         INTERVAL             ON-EVENT         RUN-COUNT 
 0   run10min       jan/01/1970 21:48:34           33s                  test22           7          
& This The Script :
[admin@My Router] /system scheduler> /system scri print
Flags: I - invalid 
 0   name="test22" owner="admin" 
     policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive 
     last-started=feb/25/2011 21:54:02 run-count=5 
     source=
       /ip firewall filter enable [find comment="block"]
       :delay 10
       /ip firewall filter disable [find comment="block"]
but The Scheduler don't Run The Script , Scheduler Run in That Interval Times , but Don't Run The Script
~Thats Run Count on The Script Section is Manual Run by me .

What i Do Now ? :?
Where is Problem ??
 
User avatar
marioclep
Trainer
Trainer
Posts: 139
Joined: Sat Jul 11, 2009 4:36 pm
Location: Cordoba - Argentina
Contact:

Re: Block a PORT for 1 Minute per 10 Minute !

Mon Feb 28, 2011 4:26 pm

You do have your filter rule with comment "block", don't you?
 
Feklar
Forum Guru
Forum Guru
Posts: 1724
Joined: Tue Dec 01, 2009 11:46 pm

Re: Block a PORT for 1 Minute per 10 Minute !

Mon Feb 28, 2011 6:18 pm

What permissions do you have assigned to the scheduler? Without the proper permissions it cannot run the script.
 
User avatar
ViREnG
Member Candidate
Member Candidate
Topic Author
Posts: 229
Joined: Tue Aug 11, 2009 4:01 pm
Location: Boryspil

Re: Block a PORT for 1 Minute per 10 Minute !

Tue Mar 01, 2011 3:45 pm

Yes i Have an Filter Rule with That Comment ,

For Premission , i not Checked Any CheckBox of Premission on Scheduler !
i must be Check ?

EDIT :

Thanks ;)
The Problem is for i Not Checked :D

Who is online

Users browsing this forum: bkuyk1 and 40 guests