Community discussions

MUM Europe 2020
 
Rick
just joined
Topic Author
Posts: 6
Joined: Tue Jan 19, 2016 2:30 pm

Firewall block list

Fri Feb 14, 2020 1:35 pm

Hi,

I have a PPTP server running on my router, and occasionally get brute force attempts on the login.
I periodically block these IPs, however I have noticed that the blocklist I have is not working.

Here is the connection I am attempting to block (I left his IP in ha)

input: in:Eth1-Outside out:(unknown 0), src-mac 50:5d:ac:4e:82:24, proto TCP (SYN), 92.63.194.27:44684->x.x.x.x:1723, len 60

The firewall rule I have is (1st rule):

/ip firewall address-list
add address=141.98.80.115 list=Blocked
add address=162.243.140.155 list=Blocked
add address=92.63.194.27 list=Blocked
add address=185.232.67.13 list=Blocked
add address=46.161.27.42 list=Blocked
add address=92.63.194.47 list=Blocked
add address=141.98.80.128 list=Blocked
/ip firewall filter
add action=drop chain=input comment="Blocked IPs" log=yes src-address-list=Blocked

Does the OS accept the PPTP before the firewall or something? How can I block these unwanted IPs?
 
msatter
Forum Guru
Forum Guru
Posts: 1378
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Firewall block list  [SOLVED]

Fri Feb 14, 2020 2:10 pm

Have you tried to block in /ip firewall raw which earlier active than Filter?
Two RB760iGS (hEX S) in series. One does PPPoE and both do IKEv2.
Running:
RouterOS 6.46.x / Winbox 3.21 / MikroTik APP 1.3.10
Android device owners, use https://github.com/M66B/NetGuard/releases (no root required)
 
Rick
just joined
Topic Author
Posts: 6
Joined: Tue Jan 19, 2016 2:30 pm

Re: Firewall block list

Fri Feb 14, 2020 2:50 pm

Yes that worked, thank you !!!

Who is online

Users browsing this forum: casperjjordaan, Google [Bot], leemans, tberg and 117 guests