limit in firewall rules

Posted: Sat Nov 21, 2015 7:58 am
by blackmetal
Hi,
When we create a firewall rule, enable limit in the Extra tab, set it to 1000/sec and set the action to drop, it means that if more than 1000 packets per second are received, exceeding 1000, then they are blocked.
Is that right?
Thanks,

Re: limit in firewall rules

Posted: Sat Nov 21, 2015 9:03 am
by chechito
I have not tried, but it looks like that's the way.

http://wiki.mikrotik.com/wiki/Manual:IP ... Properties

Re: limit in firewall rules

Posted: Sat Nov 21, 2015 9:34 am
by blackmetal
It is not bps based, right? It is pps based? As I see in the wiki.

Re: limit in firewall rules

Posted: Sat Nov 21, 2015 10:54 am
by blackmetal
I created the following rules:
add action=jump chain=forward connection-state=new jump-target=mychain
add action=return chain=mychain limit=500,5
add action=add-dst-to-address-list address-list=mychain address-list-timeout=10m chain=mychain
add action=drop chain=forward dst-address-list=mychain

So I want to know: with the above rules, when many source IPs send more than 500 pps to 1 destination IP, it will block that destination IP, right?
And when many source IPs send more than 500 pps to many destination IPs on my network, this rule does not work and does not block anything, right?
Thanks,
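
The rule set from the last post, modelled as an added example (not part of the thread and not MikroTik's code) to show what the four rules count and which destinations end up on the address list. It assumes the `limit` matcher is a single token bucket per rule shared by every packet that reaches it; the class and function names are hypothetical and the traffic to 192.0.2.x addresses is constructed.

```python
# Added example: simplified model of the four rules posted above.
# Assumption: `limit` is one token bucket per rule, shared by all packets.
UNIT = 1_000_000  # one token in micro-tokens; times are integer microseconds

class Limit:
    """limit=rate,burst modelled as an integer token bucket."""
    def __init__(self, rate, burst):
        self.rate, self.cap = rate, burst * UNIT
        self.tokens, self.last_us = self.cap, 0

    def matches(self, now_us):
        # rate tokens/second == rate micro-tokens per microsecond
        self.tokens = min(self.cap, self.tokens + (now_us - self.last_us) * self.rate)
        self.last_us = now_us
        if self.tokens >= UNIT:
            self.tokens -= UNIT
            return True
        return False

def run_forward_chain(packets, rate=500, burst=5):
    """packets: (time_us, dst_ip, is_new_connection) tuples sorted by time.
    Returns (set of listed destinations, number of dropped packets)."""
    limit, listed, dropped = Limit(rate, burst), set(), 0
    for now_us, dst, is_new in packets:
        # rule 1: only connection-state=new packets jump to mychain
        # rule 2: return while the shared bucket still has a token
        if is_new and not limit.matches(now_us):
            # rule 3: over the limit, so this packet's destination is listed
            listed.add(dst)  # the 10m address-list timeout is not modelled
        # rule 4: drop anything addressed to a listed destination
        if dst in listed:
            dropped += 1
    return listed, dropped

def constructed_traffic(pps, dsts, is_new=True, seconds=1):
    """Constructed sample: evenly spaced packets, round-robin over dsts."""
    return [(i * 1_000_000 // pps, dsts[i % len(dsts)], is_new)
            for i in range(pps * seconds)]

if __name__ == "__main__":
    one = ["192.0.2.10"]                       # constructed addresses
    many = [f"192.0.2.{n}" for n in range(10, 20)]
    for label, pkts in [("400/s to one dst", constructed_traffic(400, one)),
                        ("2000/s to one dst", constructed_traffic(2000, one)),
                        ("2000/s over ten dsts", constructed_traffic(2000, many))]:
        listed, dropped = run_forward_chain(pkts)
        print(f"{label}: {len(listed)} listed, {dropped} dropped")
```

In this model the bucket counts new connections in aggregate rather than per destination, so the third case lists all ten destinations even though each one receives only 200 new connections per second. Packets of already established connections never reach the limit rule, so they do not consume tokens.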