Hi all,
I have some clients are infected. the clients have more than 20 open connection. always.
how I can protect my router from this client without limiting the connection per client.
Thank you
Drop them in input chain. Read the manual to get info what chain stands for.
How I can identify specific pppoe users of specific interface to inter address list to isolate from other pppoe users.
all clients infected it come from one interface. I want isolate these clients in address-list. I try this rule :
add action=add-src-to-address-list address-list=Client-Infected address-list-timeout=0s chain=input disabled=yes in-interface=ether5 src-address-list=!Client-Infected
But not work with pppoe clients.
all Clients Infected it come from ether5
I don’t think so…
The criteria for your rule is if the inbound packet is not on the address list Client-Infected, and from the interface ether5. Your action is to add that source IP to the address list Client-Infected, with no time out. The result is that all input packets on ether-5 will meet the criteria and be added to the address list, and then they won’t meet the criteria so they will therefore be allowed. But, you have the rule disabled, so it’s not going to do anything anyway. If what you are trying to do is prevent any packets from ether5 from reaching the router via the input chain, why don’t you simply drop all packets from ether5 in the input chain.
Or am I missing something here?