Community discussions

MikroTik App
 
User avatar
Techsystem
Member
Member
Topic Author
Posts: 337
Joined: Tue Dec 21, 2021 5:12 am

repetitive code 3 message in log section

Sat Oct 01, 2022 3:01 pm

Hello my friends..!
so what MT router want to tell me by this Reptitive message in log section..? -(as you see in the picture below )- and what code 3 mean..?
firewall-2.PNG

/ip firewall filter
add action=passthrough chain=forward disabled=yes
add action=accept chain=input comment="allow WireGuard" disabled=yes dst-port=     protocol=udp
add action=accept chain=input comment=l2tp-ipsec disabled=yes in-interface=ether1 protocol=ipsec-esp
add action=accept chain=input comment=ipsec disabled=yes in-interface=ether1 protocol=ipsec-ah
add action=accept chain=input connection-state=established,related,untracked disabled=yes
add action=drop chain=input connection-state=invalid disabled=yes
add action=return chain=detect-ddos disabled=yes dst-limit=32,32,src-and-dst-addresses/10s
add action=add-dst-to-address-list address-list=ddos-target address-list-timeout=10m chain=detect-ddos disabled=yes
add action=add-src-to-address-list address-list=ddos-attackers address-list-timeout=10m chain=detect-ddos disabled=yes
add action=accept chain=input connection-state=established,related,untracked disabled=yes
add action=accept chain=input disabled=yes dst-address=127.0.0.1
add action=drop chain=input connection-state=invalid disabled=yes
add action=drop chain=forward comment="Drop incoming from internet which is not public IP" disabled=yes in-interface=ether1 log=yes log-prefix="! public" src-address-list=not_in_internet
add action=return chain=detect-ddos disabled=yes dst-limit=32,32,src-and-dst-addresses/10s
add action=add-dst-to-address-list address-list=ddos-target address-list-timeout=10m chain=detect-ddos disabled=yes
add action=add-src-to-address-list address-list=ddos-attackers address-list-timeout=10m chain=detect-ddos disabled=yes
You do not have the required permissions to view the files attached to this post.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: repetitive code 3 message in log section

Sat Oct 01, 2022 3:10 pm

so what MT router want to tell me by this Reptitive message in log section..?
the router do not tell anything, you have instructed it to log on one rule: log=yes log-prefix="! public"
and as usual with the ... we can not even check what is written after.

and what code 3 mean..?
On that line you read only "code 3"?
Read all first, and study how ICMP works.
 
User avatar
Techsystem
Member
Member
Topic Author
Posts: 337
Joined: Tue Dec 21, 2021 5:12 am

Re: repetitive code 3 message in log section

Sat Oct 01, 2022 5:04 pm

so how i can disable this log from appearing..? where is the controlling log center..?
i didn't understand what you mean by this sentence "and as usual with the..we can not even..etc"
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: repetitive code 3 message in log section

Sat Oct 01, 2022 6:47 pm

where are log=yes log-prefix="! public" on your config?

where are the … on image?
 
User avatar
Techsystem
Member
Member
Topic Author
Posts: 337
Joined: Tue Dec 21, 2021 5:12 am

Re: repetitive code 3 message in log section

Sat Oct 01, 2022 7:42 pm

moderator note: do not quote preceding post, use "post Reply".
sorry Mr rextended but it seems that i still didn't understand what you mean by that..! However, as you you see, this is all my firewall config -( in the attached file)-
and for more info i notice that when i disable all my firewall rules, this repeated message has gone, so my question what happen in my mikrotik to caue this message to appear in the log as you see in the picture..? i have this firewall rule for more than a month and no such thing appear in the log before.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1347
Joined: Mon Sep 23, 2019 1:04 pm

Re: repetitive code 3 message in log section

Sat Oct 01, 2022 7:53 pm

I will try to explain as simple as I can.
In pictures:
log firewall rule.png
And in writing:
add action=drop chain=forward comment="Drop incoming from internet which is not public IP" disabled=yes in-interface=ether1 log=yes log-prefix="! public" src-address-list=not_in_internet
You do not have the required permissions to view the files attached to this post.
 
User avatar
Techsystem
Member
Member
Topic Author
Posts: 337
Joined: Tue Dec 21, 2021 5:12 am

Re: repetitive code 3 message in log section

Sat Oct 01, 2022 9:00 pm

moderator note: do not quote preceding post, use "post Reply".
 
User avatar
k6ccc
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)
Contact:

Re: repetitive code 3 message in log section

Sun Oct 02, 2022 6:23 am

Try learning what ICMP does, and how it works.
Here is a reference: https://www.iana.org/assignments/icmp-p ... ters.xhtml

Who is online

Users browsing this forum: dioeyandika and 42 guests