I am a relatively new MikroTik user but have some experience with firewalls. I have been having some trouble with our new internet connection going down and realized that if I turned off the router, things were fine. Looking at torch I see massive amounts of UDP connections from random internet IPs to my static IP on port 53. I went into the DNS settings and turned off “Allow Remote Requests” but to no avail. So I ran these commands (with my LAN /24 instead of the x’s):
/ip firewall address-list
add address=x.x.x.x/24 list=support
/ip firewall filter
add chain=input comment="Full access to SUPPORT address list" src-address-list=support
add action=drop chain=input comment="Drop anything else!"
But I still see the connections in torch. So then I added this to the top of my filters:
/ip firewall filter
add action=drop chain=input dst-port=53 protocol=udp
And I see the counter going up, but still see these connections. Any ideas as to what I should do and why my basic 2-line firewall isn’t stopping them? I don’t have a need for a DNS server that is accessible from the outside, so completely blocking it is OK with me.
Thanks!