hi all mikrotik users;

I have a question.. Currently I have lots of attacks to my router from the WAN side especially some brute force attacks which they fill up all of my logs and eat my bandwidth.. they are mainly destinated to SSH and my FTP server but i dont want to disable these services because sometimes I use these services from WAN aswell...


(A hotspot is running on RB532r5 -64 with default gateway is my public WAN address)

My question is
how can I block access from outside to my router at all, but only allow 212.0.0.0/32 segment to reach it ?

thanks..

For SSH you can change the port from 22 to something else, and also you can block certain traffic towards your WAN interface. Just use firewall in mikrotik and setup apopriate rules.
If you have trouble with configuring firewalling, just ask for help.

Regards.

Faton

1. first you can defining on firewall which ip can be access on your router.
2. then drop all

example :

/ip firewall filter add chain=input src-address=212.x.x.x/x action=accept
/ip firewall filter add chain=input action=drop

thanks fatonk..
i changed it before from port 22 to something else and they found it out..

im temporarily applying this
http://wiki.mikrotik.com/wiki/Bruteforc ... %26_SSH%29

as i found it out in wiki...

thanks neyman

Yes but the filter rule you have written is only for a specific IP address that can reach my router. yes ?
i want all the 212 segment to reach it since i dont have a static IP address at home when i wanna reach to my router ..

if i change the src-address = 212.108.0.0/32
can it work ?

your welcome
try to change the src-address = 212.0.0.0/8 or src-address 212.108.0.0/16. don't change src-address to 212.0.0.0/32 or 212.108.0.0/32 because /32 only one ip. if you change to /32 then can't be work

thanks,