Hi all,
My ftp-NAS has from time-to-time brute-force attacks that makes exploding the log file. Most of the time from China.
Anyway I only want to grant ftp-access from Belgium.
So I have created & uploaded a white-list from https://mikrotikconfig.com/firewall/ (great tool btw). The (white) list is called "CountryIPAllow".
I have masquerade on port 21 to access the ftp from inside LAN & dynamic hairpin (wich updates my WAN-IP) to access ftp from WAN.
Other ports than 21 are forwarded to other devices so those should not be blocked.
I've seen examples to drop requests from a blacklist, but my blacklist if to heavy, so I need to do the inversed rule.
How should I configure the firewall allow "CountryIPAllow" and drop all orther port-21-access ?
Many thanks in advance!