Community discussions

MikroTik App
 
recsx
newbie
Topic Author
Posts: 34
Joined: Sun Aug 29, 2004 6:30 pm

HELP!!!!! HELLLLLLP! pppoe block port 80 to clients

Sun Jan 16, 2005 9:53 am

For the love of god i've been trying for hours trying to block a handfull of ports to our clients that connect via PPPoE.

Is there any way to do this??????

I've tried adding a forward rule but that di absolutly nothing.
Then i tried a specific user eg <<pppoe_username>> and hmm that did it.

But that sucks im not about to make 20 million rules.

I'd like to block all on the specific WLAN ethernet card.

Please help

Thanks a mill
 
mip
Member Candidate
Member Candidate
Posts: 122
Joined: Fri Jun 04, 2004 8:19 pm
Location: Ráckeve
Contact:

Sun Jan 16, 2005 10:33 am

You can set the firewall chain for in and out traf. at ppp profil page. Then you just creat a new chain at ip firewall and add a rule that blocks traf you vant to stop. Its just a first idea as i read your post, but I think it works. Try, and report.
https://www.youtube.com/watch?v=j7q0Y_JZMrg - the country you must visit
 
recsx
newbie
Topic Author
Posts: 34
Joined: Sun Aug 29, 2004 6:30 pm

Sun Jan 16, 2005 11:10 am

I've tried that but did not work.

What i'm seeing is that the PPPoE connections are dynamic thus they are all unique and not like trying to stop trafic to a certain nic card.

Maybe i'm doing it wrong! ???
 
recsx
newbie
Topic Author
Posts: 34
Joined: Sun Aug 29, 2004 6:30 pm

Sun Jan 16, 2005 5:29 pm

I think i got it, it's working well.

This is what i've done (Please tell me if there is a better way)

In the forward chain i created a rule.
Src Address xx.xx.xx.0/24 which is the entire pool that gets allocated to PPPoE clients.
All interfaces all protocols

Jump to new Filter Chain that i made called PPPoE_Rules
in there i state that anything comming from source xx.xx.xx.0/24 on port 80 to reject it and i think i will put all other ports such as ftp, smtp, pop etc. in there so that i can use this new chain to monitor the clients on PPPoE.

I think this is the right way? ... YES? / NO? please reply

Thanks

Who is online

Users browsing this forum: aguerraitd, brixsat, eworm, kos, ysha and 80 guests