cezars
January 20, 2021, 6:08pm
1
I used:
/ip firewall filter add chain=input src-address=111.205.46.46 action=drop
and it keeps connecting. I see in the log: TCP connection establish from 111.205.46.46
I also tried to nmap my router from another ISP that I added to the firewall to drop, and it keeps making a connection. Why is it not showing a timeout?
Thanks in advance for the help
Your rule blocks traffic to the router itself (ping, winbox, webfig…) but not traffic going through the router, like port forwards.
Or does another allow rule come before the block rule?
cezars
January 20, 2021, 8:44pm
3
Then how do I permanently block an IP address or a class? (because most of them are the same IP or class)
And yes, I have PPTP open because I use VPN (and I'm tired of a few IPs that brute-force the PPTP service) (and I can't use a rule to allow access only from a single IP or a few IPs because I connect from different places that have dynamic IPs)
Many thanks
mkx
January 20, 2021, 9:37pm
4
If you want to block just any traffic with select remote address(es), the most router-friendly way is to use raw filters:
/ip firewall raw
add chain=prerouting action=drop src-address-list=blocked_addresses
and fill /ip firewall address-list with banned addresses …
cezars
January 20, 2021, 10:20pm
5
Many, many, many thanks for the answer. And the command to add an IP to the blocked list?
add address=213.108.134.0/24 comment="bf pptp" list=blocked_addresses (Is this correct?)
mkx
January 20, 2021, 10:32pm
6
/ip firewall address-list
add address=1.2.3.4 list=blocked_addresses
add address=2.3.4.5 list=blocked_addresses
Yup, you can also add subnets as in your example.
cezars
January 20, 2021, 10:34pm
7
Many thanks again for the answer (this is working perfectly, it blocks everything I tested)
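Added example, not part of the thread and not MikroTik code: a simplified Python model of the rule evaluation discussed above. It shows why an input-chain drop misses forwarded traffic or is shadowed by an earlier allow rule, while a raw prerouting drop on an address list catches both. The PPTP allow rule on TCP 1723, the rule sets and the sample packets are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed sample data: addresses come from the thread, rule sets are assumed.
BLOCKED = [ip_network("111.205.46.46/32"), ip_network("213.108.134.0/24")]

def in_list(src, nets):
    """Address-list membership: single hosts and subnets both match."""
    return any(ip_address(src) in net for net in nets)

def first_match(rules, pkt):
    """A chain is read top to bottom; the first matching rule decides."""
    for matches, action in rules:
        if matches(pkt):
            return action
    return "accept"  # nothing matched: the packet is accepted

def verdict(pkt, raw, filt):
    """Simplified flow: raw prerouting first, then filter input OR forward."""
    if first_match(raw, pkt) == "drop":
        return "drop in raw prerouting"
    chain = "input" if pkt["to_router"] else "forward"
    return first_match(filt[chain], pkt) + " in filter " + chain

accept_pptp = (lambda p: p["dport"] == 1723, "accept")       # assumed earlier allow rule
drop_host = (lambda p: p["src"] == "111.205.46.46", "drop")  # rule from the first post
drop_list = (lambda p: in_list(p["src"], BLOCKED), "drop")   # src-address-list match

INPUT_ONLY = {"input": [drop_host], "forward": []}
SHADOWED = {"input": [accept_pptp, drop_host], "forward": []}
RAW = [drop_list]

# to_router=True: PPTP to the router itself; False: a port-forwarded connection.
pptp = {"src": "111.205.46.46", "to_router": True, "dport": 1723}
fwd = {"src": "111.205.46.46", "to_router": False, "dport": 443}
subnet = {"src": "213.108.134.77", "to_router": True, "dport": 1723}

if __name__ == "__main__":
    for name, pkt, raw, filt in [
        ("input drop, PPTP", pptp, [], INPUT_ONLY),
        ("input drop, forwarded", fwd, [], INPUT_ONLY),
        ("allow before drop, PPTP", pptp, [], SHADOWED),
        ("raw list, PPTP", pptp, RAW, SHADOWED),
        ("raw list, forwarded", fwd, RAW, SHADOWED),
        ("raw list, subnet member", subnet, RAW, SHADOWED),
    ]:
        print(f"{name:26} -> {verdict(pkt, raw, filt)}")
```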