Community discussions

MikroTik App
 
gilkar
just joined
Topic Author
Posts: 1
Joined: Tue Apr 03, 2018 8:06 am

Prevent SYN-ACK Flood From mikrotik

Fri Nov 12, 2021 9:39 am

Hello everyone (sorry for english)
I have web hosting website, and i using mikrotik for router. i need config SYN-ACK Flood attack protection from router to outgoing.

I using this below rule, but i dont know exactly its work to prevent outgoing atack or only work with incoming traffic to router.
/ip/firewall/filter add action=return chain=detect-ddos dst-limit=32,32,src-and-dst-addresses/10s protocol=tcp tcp-flags=syn,ack
https://help.mikrotik.com/docs/pages/vi ... d=28606504

I also added this below rule, and chaned chain to " forward" and setting up outgoing ether to ether1, its true? and which number better for dst-limit= ?
/ip firewall filter add action=return chain=forward dst-limit=32,150,src-and-dst-addresses/10s protocol=tcp tcp-flags=syn,ack

if possible guid me. thanks

Who is online

Users browsing this forum: Ahrefs [Bot], Amazon [Bot], bpwl, hendry, infabo and 84 guests