Community discussions

MikroTik App
  4. RouterOS
  5. General

Raw Rules

Post Reply
 
User avatar
anav
Forum Guru
Forum Guru
Topic Author
Posts: 19323
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Raw Rules

Sat Feb 09, 2019 6:55 am

Any issues with these in Raw?????????
The concept is that if one knows common ports scanned that the router does not need (the people using it dont need),
then this approach will be lighter on the CPU and yet effective. Same idea, if don't expect incoming or plan on outgoing broadcast traffic...
Code: Select all
/ip firewall raw
add action=add-src-to-address-list address-list=DropPortProbes \
    address-list-timeout=5d chain=prerouting comment=CaptureUnusedPorts_TCP \
    disabled=yes dst-port=0,11,20,21,22,23,79,113,119,135,139,194,389,445 \
    in-interface-list=WAN protocol=tcp
add action=add-src-to-address-list address-list=DropPortProbes \
    address-list-timeout=5d chain=prerouting comment=CaptureUnusedPorts_TCP2 \
    disabled=yes dst-port=\
    500,1002,1025,1026,1027,1028,1029,1030,1720,5000,8291 in-interface-list=\
    WAN protocol=tcp
add action=add-src-to-address-list address-list=DropPortProbes \
    address-list-timeout=5d chain=prerouting comment=CaptureUnusedPortsUDP \
    disabled=yes dst-port=0,11,20,21,22,23,79,113,119,135,139,194,389,445 \
    in-interface-list=WAN protocol=udp
add action=add-src-to-address-list address-list=DropPortProbes \
    address-list-timeout=5d chain=prerouting comment=CaptureUnusedPorts_UDP2 \
    disabled=yes dst-port=\
    500,1002,1025,1026,1027,1028,1029,1030,1720,5000,8291 in-interface-list=\
    WAN protocol=udp
add action=drop chain=prerouting comment=DropPortProbes disabled=yes \
    src-address-list=DropPortProbes
add action=drop chain=prerouting comment=DropIncomingBroadcasts disabled=yes \
    dst-address-type=broadcast in-interface-list=WAN
add action=drop chain=output comment=DropOutgoingBroadcasts disabled=yes \
    dst-address-type=broadcast out-interface-list=WAN
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 82 guests
  4. RouterOS
  5. General