Drop existing inbound UDP connection.

I am trying to set up a filter rule that drops an existing inbound UDP connection from an IP address. The rule seems to work for new UDP connections but will not drop existing ones. I am setting only src-address, chain input, and action drop in my filter rule. I can see the UDP connections in the connection list that I desire to drop, but the rule is not working.

I have tried on versions 4b2 and 3.23 to no avail. I remember that I did this some months ago on another version and it did seem to work if my memory serves me correctly.

Maybe I am just setting up the rule wrong.

Any assistance would be appreciated.

If you drop packets of an existing connection, the connection will not disappear immediately from the list, only after the timeout.

That may be so, but I know the filter rule is not working, as the client remains connected to the server when the rule is in place.

chain=input? Should it be chain=forward?

Sam

I want to drop incoming connections from the remote address - I don’t care about clients connecting to the remote address. My (limited) understanding is that input is the correct setting to use in this case.

input = to the router directly.
forward = through the router, to a machine that’s not the router.

Are they in winbox or ftp or ssh on the router? Or is it to a server on your network?

It’s a machine that’s on the network, so I shall try changing the chain to forward as per your advice. I will let you know if successful. Thanks for the help thus far.