Hi,
when we create a rule firewall and enable limit in extra tab and set 1000/sec and set action to drop it means if more than 1000 packet per second receive and exceed 1000 then block ,
is it right?
thanks,
Re: limit in firewall rules
i have not tried but looks like thats the way
http://wiki.mikrotik.com/wiki/Manual:IP ... Properties
http://wiki.mikrotik.com/wiki/Manual:IP ... Properties
-
-
blackmetal
Member Candidate
- Posts: 227
- Joined:
Re: limit in firewall rules
it is not bps based right? it is pps based? asi see in wiki.
-
-
blackmetal
Member Candidate
- Posts: 227
- Joined:
Re: limit in firewall rules
i create following rules :
add action=jump chain=forward connection-state=new jump-target=mychain
add action=return chain=mychain limit=500,5
add action=add-dst-to-address-list address-list=mychain address-list-timeout=10m chain=mychain
add action=drop chain=forward dst-address-list=mychain
so i want know with above rules when many source ips send more than 500 pps to 1 destionation ip it will block that destinbation ip right?
and when many source ip send more than 500 pps to many destionation ip on my network this rule does not work and do not block anything right?
thanks,
add action=jump chain=forward connection-state=new jump-target=mychain
add action=return chain=mychain limit=500,5
add action=add-dst-to-address-list address-list=mychain address-list-timeout=10m chain=mychain
add action=drop chain=forward dst-address-list=mychain
so i want know with above rules when many source ips send more than 500 pps to 1 destionation ip it will block that destinbation ip right?
and when many source ip send more than 500 pps to many destionation ip on my network this rule does not work and do not block anything right?
thanks,
Who is online
Users browsing this forum: CyberDaeng, massinia and 48 guests