I have web hosting website, and i using mikrotik for router. i need config SYN-ACK Flood attack protection from router to outgoing.
I using this below rule, but i dont know exactly its work to prevent outgoing atack or only work with incoming traffic to router.
Code: Select all
/ip/firewall/filter add action=return chain=detect-ddos dst-limit=32,32,src-and-dst-addresses/10s protocol=tcp tcp-flags=syn,ack
I also added this below rule, and chaned chain to " forward" and setting up outgoing ether to ether1, its true? and which number better for dst-limit= ?
/ip firewall filter add action=return chain=forward dst-limit=32,150,src-and-dst-addresses/10s protocol=tcp tcp-flags=syn,ack
if possible guid me. thanks