Back home
0

Mikrotik – ochrana proti DDOS

Stačí nastavit toto:

/ip firewall filter add chain=forward connection-state=new action=jump jump-target=detect-ddos
/ip firewall filter add chain=detect-ddos dst-limit=32,32,src-and-dst-addresses/10s action=return
vyjimka na ip /ip firewall filter add chain=detect-ddos src-address=8.8.8.8 action=return
/ip firewall filter add chain=detect-ddos action=add-dst-to-address-list address-list=ddosed address-list-timeout=10m
/ip firewall filter add chain=detect-ddos action=add-src-to-address-list address-list=ddoser address-list-timeout=10m
/ip firewall filter add chain=forward connection-state=new src-address-list=ddoser dst-address-list=ddosed action=drop


Have your say