I want to understand soemthing
I have created this ip rules to block unknown networks to my inside network
Code: Select all
/ip firewall filter
add action=accept chain=forward src-address-list="Allow IP"
add action=accept chain=input src-address-list="Allow IP"
add action=add-src-to-address-list address-list=BlcokConnections address-list-timeout=none-dynamic chain=forward
add action=drop chain=forward
/ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade
1 chain=dstnat action=dst-nat to-addresses=10.0.0.100 to-ports=5900 protocol=tcp dst-port=5900
2 chain=dstnat action=dst-nat to-addresses=10.0.0.100 to-ports=9991 protocol=tcp dst-port=9991
3 chain=dstnat action=dst-nat to-addresses=10.0.0.100 to-ports=22 protocol=tcp in-interface=Remote dst-port=22
4 chain=dstnat action=dst-nat to-addresses=10.0.0.100 to-ports=8000 protocol=tcp in-interface=Remote dst-port=8000 log=no log-prefix=""
and it's not from icmp protocol (beacuse I have enable icmp at place 0 ) and I don't see anything there
1. what could it be ?
2. after I have added 8.8.8.8 to the "Allow IP" list , I can see many IP blocked
Code: Select all
/ip firewall address-list print where list=BlcokConnections
Flags: X - disabled, D - dynamic
# LIST ADDRESS CREATION-TIME TIMEOUT
0 D BlcokConnections 85.91.1.164 jun/14/2021 12:39:11
1 D BlcokConnections 162.159.200.1 jun/14/2021 12:39:31
2 D BlcokConnections 162.159.200.123 jun/14/2021 12:39:41
3 D BlcokConnections 74.6.168.73 jun/14/2021 12:41:57
4 D BlcokConnections 206.82.16.3 jun/14/2021 12:42:07
5 D BlcokConnections 198.211.103.209 jun/14/2021 12:42:28
6 D BlcokConnections 52.17.231.73 jun/14/2021 12:44:03
7 D BlcokConnections 62.12.173.11 jun/14/2021 12:47:23
8 D BlcokConnections 83.98.201.134 jun/14/2021 12:47:33
9 D BlcokConnections 139.180.160.82 jun/14/2021 12:47:43
10 D BlcokConnections 193.182.111.12 jun/14/2021 12:47:53
11 D BlcokConnections 44.155.254.17 jun/14/2021 12:48:24
12 D BlcokConnections 54.229.222.210 jun/14/2021 12:48:34
13 D BlcokConnections 73.239.136.185 jun/14/2021 12:48:55
14 D BlcokConnections 71.168.219.127 jun/14/2021 12:49:05
15 D BlcokConnections 198.199.120.223 jun/14/2021 12:49:16
16 D BlcokConnections 207.244.103.95 jun/14/2021 12:49:26
17 D BlcokConnections 103.242.70.4 jun/14/2021 12:54:45
18 D BlcokConnections 216.197.156.83 jun/14/2021 12:54:55
19 D BlcokConnections 207.34.49.172 jun/14/2021 12:55:05
20 D BlcokConnections 199.180.255.17 jun/14/2021 12:55:15
21 D BlcokConnections 62.168.65.36 jun/14/2021 13:04:18
22 D BlcokConnections 108.61.189.74 jun/14/2021 13:04:28
23 D BlcokConnections 66.220.9.122 jun/14/2021 13:04:39
24 D BlcokConnections 202.12.97.45 jun/14/2021 13:04:49
should I block the 8.8.8.8? and so those IP will not try to connect to me ?
* the remote interface is vpn connection and the network is in the "Allow IP" *
Thanks ,