Community discussions

 
anav
Forum Guru
Topic Author
Posts: 2968
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Raw Rules

Sat Feb 09, 2019 6:55 am

Any issues with these in Raw?
The concept is that if one knows the commonly scanned ports that the router does not need (and the people using it don't need),
then this approach will be lighter on the CPU and yet effective. Same idea if you don't expect incoming or plan on outgoing broadcast traffic...
/ip firewall raw
add action=add-src-to-address-list address-list=DropPortProbes \
    address-list-timeout=5d chain=prerouting comment=CaptureUnusedPorts_TCP \
    disabled=yes dst-port=0,11,20,21,22,23,79,113,119,135,139,194,389,445 \
    in-interface-list=WAN protocol=tcp
add action=add-src-to-address-list address-list=DropPortProbes \
    address-list-timeout=5d chain=prerouting comment=CaptureUnusedPorts_TCP2 \
    disabled=yes dst-port=\
    500,1002,1025,1026,1027,1028,1029,1030,1720,5000,8291 in-interface-list=\
    WAN protocol=tcp
add action=add-src-to-address-list address-list=DropPortProbes \
    address-list-timeout=5d chain=prerouting comment=CaptureUnusedPortsUDP \
    disabled=yes dst-port=0,11,20,21,22,23,79,113,119,135,139,194,389,445 \
    in-interface-list=WAN protocol=udp
add action=add-src-to-address-list address-list=DropPortProbes \
    address-list-timeout=5d chain=prerouting comment=CaptureUnusedPorts_UDP2 \
    disabled=yes dst-port=\
    500,1002,1025,1026,1027,1028,1029,1030,1720,5000,8291 in-interface-list=\
    WAN protocol=udp
add action=drop chain=prerouting comment=DropPortProbes disabled=yes \
    src-address-list=DropPortProbes
add action=drop chain=prerouting comment=DropIncomingBroadcasts disabled=yes \
    dst-address-type=broadcast in-interface-list=WAN
add action=drop chain=output comment=DropOutgoingBroadcasts disabled=yes \
    dst-address-type=broadcast out-interface-list=WAN
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
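
An added example, not part of the original post and not MikroTik code: a small Python check that parses an export like the one above and reports trap ports that collide with services you actually need from the WAN, along with rules still exported as `disabled=yes`. The function names and the `needed` set (Winbox on 8291/tcp, IKE on 500/udp) are assumptions for illustration.

```python
import re
import shlex

# Constructed sample: two rules copied from the export in the post above.
SAMPLE_EXPORT = r"""/ip firewall raw
add action=add-src-to-address-list address-list=DropPortProbes \
    address-list-timeout=5d chain=prerouting comment=CaptureUnusedPorts_TCP2 \
    disabled=yes dst-port=\
    500,1002,1025,1026,1027,1028,1029,1030,1720,5000,8291 in-interface-list=\
    WAN protocol=tcp
add action=drop chain=prerouting comment=DropPortProbes disabled=yes \
    src-address-list=DropPortProbes
"""

def parse_rules(export):
    """Join backslash-continued lines, then turn each 'add' line into a dict."""
    joined = re.sub(r"\\\n\s*", "", export)
    rules = []
    for line in joined.splitlines():
        if line.startswith("add "):
            pairs = (tok.split("=", 1) for tok in shlex.split(line)[1:] if "=" in tok)
            rules.append(dict(pairs))
    return rules

def expand_ports(spec):
    """Expand a dst-port value such as '500,1025-1030' into a set of ints."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def audit(export, needed):
    """needed: set of (protocol, port) that must stay reachable from the WAN."""
    findings = []
    for rule in parse_rules(export):
        name = rule.get("comment", "?")
        if rule.get("disabled") == "yes":
            findings.append((name, "disabled"))
        if rule.get("action") == "add-src-to-address-list" and "dst-port" in rule:
            proto = rule.get("protocol")
            for port in sorted(expand_ports(rule["dst-port"])):
                if (proto, port) in needed:
                    findings.append((name, f"trap port {port}/{proto} is in use"))
    return findings

if __name__ == "__main__":
    # Assumed requirement: Winbox (8291/tcp) and IKE (500/udp) reachable from WAN.
    for finding in audit(SAMPLE_EXPORT, {("tcp", 8291), ("udp", 500)}):
        print(finding)
```

A trap port that matches a needed service means a legitimate client hitting that port lands on `DropPortProbes` and is dropped for the full `address-list-timeout`.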
