Community discussions

MikroTik App

Search found 6 matches

by SPDNET
Tue Nov 17, 2020 8:04 pm
Forum: General
Topic: Mikrotik SYN Cookie Protection
Replies: 2
Views: 319

Mikrotik SYN Cookie Protection

Hello ,
I could not find a clear source anywhere, either. When the SYN-Cookie protection on Mikrotik devices is activated, which of the following images behaves like?

http://prnt.sc/vkxth4
http://prnt.sc/vkxtgn

Kind regards
by SPDNET
Sat Apr 13, 2019 5:41 pm
Forum: General
Topic: Firewall fetch in http headers
Replies: 0
Views: 448

Firewall fetch in http headers

Hello , Is there any way to fetch X-Forwarded-For string in http headers and block the ips ? We have tryed : [admin@MikroTik] /ip firewall layer7-protocol> print # NAME REGEXP 0 X-Forwarded-For .*X-Forwarded-For.* [admin@MikroTik] /ip firewall filter> print 1 chain=forward action=drop protocol=tcp l...
by SPDNET
Wed Apr 10, 2019 11:23 am
Forum: General
Topic: ACK number block
Replies: 2
Views: 553

Re: ACK number block

Yes we are under an attack that send syn packets with acknowledgement number :)
I can block it on centos with u32 rules . But i just want to know if there is a way of this on mikrotik
by SPDNET
Tue Apr 09, 2019 6:26 pm
Forum: General
Topic: ACK number block
Replies: 2
Views: 553

ACK number block

Hello ,

Is there any possible way to block syn packets that which has acknowledgement number different than 0


Thank you
by SPDNET
Mon Jun 26, 2017 5:31 pm
Forum: Beginner Basics
Topic: Whitelisted generic
Replies: 1
Views: 475

Whitelisted generic

Hello friends , I want to know that if it is possible to create a white list on router os to block first UDP connection packet to prevent from UDP attacks. I want to add to a member list for each connection the client and drop the packet. That list will be ok for 10 hours and if the client is in the...
by SPDNET
Mon Jun 26, 2017 5:29 pm
Forum: Beginner Basics
Topic: IPSET on mikrotik
Replies: 1
Views: 1271

IPSET on mikrotik

Hello everybody ,
I am new on mikrotik and for one of my customer i need a rule sth. like that
If an ip address exceeds 150 packets per second that it will be blacklisted for 120 seconds. It is very easy to do on centos with hashlimit and ipset on cent os . Is there any way to do it on router os ?