i have this
Code: Select all
add action=drop chain=forward comment="drop ares" disabled=no p2p=warez
anybody have the same?
Max
http://mikrotikexpert.com
http://maxid.com.ar
add action=drop chain=forward comment="drop ares" disabled=no p2p=warez
add chain=forward src-address=192.168.0.5 protocol=tcp dst-port=28247 action=log log-prefix="GNUTELLA DROP" \
comment="log and drop gnutella listen port for 192.168.0.5 \(tcp\)" disabled=no
add chain=forward src-address=192.168.0.5 protocol=tcp dst-port=28247 action=drop comment="" disabled=no
add chain=forward src-address=192.168.0.5 protocol=udp dst-port=28247 action=log log-prefix="GNUTELLA DROP" \
comment="log and drop gnutella listen port for 192.168.0.5 \(udp\)" disabled=no
add chain=forward src-address=192.168.0.5protocol=udp dst-port=28247 action=drop comment="" disabled=no
add chain=forward p2p=warez action=log log-prefix="WAREZ" comment="log and drop warez" \
disabled=no
add chain=forward p2p=warez action=drop comment="" disabled=no
add chain=forward p2p=gnutella action=log log-prefix="GNUTELLA" comment="log and drop \
gnutella" disabled=no
add chain=forward p2p=gnutella action=drop comment="" disabled=no
port doesn't matter. routeros is inspecting packets and looking for familiar patterns. apparently ares uses encryption which makes this complicatedi think this type of traffic doesnt stop easy, because it uses randon ports and mt only knows wich kind of traffic after the second packet stablishement or something like that, can anybody hear it or explain it?