Community discussions

 
irghost
Member Candidate
Member Candidate
Topic Author
Posts: 282
Joined: Sun Feb 21, 2016 1:49 pm

tcp syn-flood

Mon Apr 18, 2016 10:28 pm

http://wiki.mikrotik.com/wiki/DoS_attack_protection

syntax error in this rule plz help me !?!?!
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new \
action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new \
action=accept comment="" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new \
action=drop comment="" disabled=no
MTCNA MTCRE MTCTCE MTCUME MTCWE MTCIPv6E MTCINE
 
kamillo
Member Candidate
Member Candidate
Posts: 156
Joined: Tue Jul 15, 2014 5:44 pm

Re: tcp syn-flood

Mon Apr 18, 2016 11:20 pm

The first rule is disabled
disabled=yes
 
irghost
Member Candidate
Member Candidate
Topic Author
Posts: 282
Joined: Sun Feb 21, 2016 1:49 pm

Re: tcp syn-flood

Mon Apr 18, 2016 11:32 pm

The first rule is disabled
disabled=yes
syntax errror here
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new action=accept comment="" disabled=no 
after 5
MTCNA MTCRE MTCTCE MTCUME MTCWE MTCIPv6E MTCINE
 
nxs02
Member Candidate
Member Candidate
Posts: 119
Joined: Sat Nov 07, 2015 1:25 pm
Location: Planet Earth

Re: tcp syn-flood

Tue Apr 19, 2016 6:35 am

im curious if u need that firewall filter, imo as long as u have default forward drop and client isolation than u are fine
 
irghost
Member Candidate
Member Candidate
Topic Author
Posts: 282
Joined: Sun Feb 21, 2016 1:49 pm

Re: tcp syn-flood

Tue Apr 19, 2016 9:45 am

im curious if u need that firewall filter, imo as long as u have default forward drop and client isolation than u are fine
if u can help me with syntax
MTCNA MTCRE MTCTCE MTCUME MTCWE MTCIPv6E MTCINE
 
sash7
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Sun Mar 20, 2016 10:39 pm

Re: tcp syn-flood

Tue Apr 19, 2016 9:54 am

syntax is ok, try to add manually, maybe you copy-paste?
 
irghost
Member Candidate
Member Candidate
Topic Author
Posts: 282
Joined: Sun Feb 21, 2016 1:49 pm

Re: tcp syn-flood

Tue Apr 19, 2016 11:51 am

syntax is ok, try to add manually, maybe you copy-paste?
Image
MTCNA MTCRE MTCTCE MTCUME MTCWE MTCIPv6E MTCINE
 
irghost
Member Candidate
Member Candidate
Topic Author
Posts: 282
Joined: Sun Feb 21, 2016 1:49 pm

Re: tcp syn-flood

Wed Apr 20, 2016 1:01 am

UP!
MTCNA MTCRE MTCTCE MTCUME MTCWE MTCIPv6E MTCINE
 
jcvn
just joined
Posts: 2
Joined: Sun Sep 24, 2017 5:36 pm

Re: tcp syn-flood

Sun Sep 24, 2017 5:40 pm

/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5:packet connection-state=new action=accept comment="SYN Flood protect"
disabled=no
 
jcvn
just joined
Posts: 2
Joined: Sun Sep 24, 2017 5:36 pm

Re: tcp syn-flood

Sun Sep 24, 2017 5:45 pm

http://wiki.mikrotik.com/wiki/DoS_attack_protection

syntax error in this rule plz help me !?!?!
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new \
action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new \
action=accept comment="" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new \
action=drop comment="" disabled=no

/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5:packet connection-state=new action=accept comment="SYN Flood protect"
disabled=no

Who is online

Users browsing this forum: No registered users and 62 guests