Ever wanted your MikroTik to have an Internet light? Follow the new guide and it will.
LINK TO MY GUIDE
Tutorials
Policy Based Routing Video
It’s been a long time coming but I’ve finally managed to get my policy based routing video up and out there. If you want to mark specific sites or devices to route over particular gateways then this is the easiest way of doing just that!
https://www.steveocee.co.uk/mikrotik/policy-based-routing/
My first attempt at a honeypot/blacklist
Using a thread on the MikroTik forums as inspiration, I’ve taken the idea and made my first incarnation of a fairly brutal honeypot & blacklist. This is only the interesting part of the full router script but it’s my baseline for starting.
# SET WHITELIST IF NEEDED
# SET IN-INTERFACE
/ip firewall address-list
add address=8.8.8.8 list=WHITELIST
/ip firewall filter
add action=accept chain=input comment="ACCEPT ESTABLISHED & RELATED SERVICE" connection-state=established,related in-interface=WAN.INTERFACE
add action=accept chain=input comment="ACCEPT WHITELIST" src-address-list=WHITELIST in-interface=WAN.INTERFACE
add action=accept chain=input comment="ACCEPT PING" protocol=icmp in-interface=WAN.INTERFACE
add action=add-src-to-address-list address-list=honeypot-blacklist address-list-timeout=none-dynamic chain=input comment="BLACKLISTING TCP" in-interface=WAN.INTERFACE protocol=tcp src-address-list=!WHITELIST
add action=add-src-to-address-list address-list=honeypot-blacklist address-list-timeout=none-dynamic chain=input comment="BLACKLISTING UDP" in-interface=WAN.INTERFACE protocol=udp src-address-list=!WHITELIST
add action=drop chain=input comment="DROP BLACKLISTED INPUT" in-interface=WAN.INTERFACE src-address-list=honeypot-blacklist
add action=drop chain=input comment="DROP ALL (SHOULD NOT FILL UP)" in-interface=WAN.INTERFACE log=yes log-prefix=non-bl-dropped-traffic
It’s quite strict in that anything that sniffs at it gets added to the blacklist and then blocked until reboot. As I push it further I will probably time the sniffers out for a few days rather than perma-block.
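To see what this rule order does to a given packet, here is a small Python model of the chain, added as an example and not part of the original router script. The class and function names are hypothetical, the packets use constructed documentation addresses, and the three-day timeout stands in for the "few days" mentioned above.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    src: str
    proto: str            # "tcp", "udp", "icmp", or anything else (e.g. "gre")
    state: str = "new"    # connection-state as seen by the router

class WanInputChain:
    """Toy model of the WAN input rules above; first terminating match wins."""

    def __init__(self, whitelist, timeout=None):
        self.whitelist = set(whitelist)
        self.timeout = timeout   # seconds; None models none-dynamic (until reboot)
        self.blacklist = {}      # src -> expiry time, or None for no expiry

    def _listed(self, src, now):
        if src not in self.blacklist:
            return False
        expiry = self.blacklist[src]
        if expiry is not None and now >= expiry:
            del self.blacklist[src]          # timed entry has aged out
            return False
        return True

    def process(self, pkt, now=0):
        if pkt.state in ("established", "related"):
            return "accept"
        if pkt.src in self.whitelist:
            return "accept"
        if pkt.proto == "icmp":
            return "accept"                  # sits above the blacklist drop
        if pkt.proto in ("tcp", "udp"):
            # add-src-to-address-list does not terminate; evaluation continues.
            # Assumption of this sketch: a repeat hit refreshes the expiry.
            self.blacklist[pkt.src] = None if self.timeout is None else now + self.timeout
        if self._listed(pkt.src, now):
            return "drop-blacklisted"
        return "drop-logged"                 # the final "DROP ALL" rule

def demo():
    """Constructed packets from documentation address ranges."""
    chain = WanInputChain(whitelist={"8.8.8.8"}, timeout=3 * 86400)
    probes = [(Packet("203.0.113.7", "tcp"), 0), (Packet("203.0.113.7", "icmp"), 60),
              (Packet("8.8.8.8", "udp"), 60), (Packet("198.51.100.9", "gre"), 60),
              (Packet("203.0.113.7", "gre"), 3 * 86400)]
    return [chain.process(p, now) for p, now in probes]
```

The second probe shows a side effect of the ordering: because the ping accept rule comes before the blacklist drop, a blacklisted address still gets ICMP replies.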
SFQ Tutorial now Online!
My most recent tutorial is now online for viewing. It's a very basic one, but it's an exceptionally easy way to increase your network efficiency and avoid unwanted slowdowns.
It involves the use of a simple SFQ-based queue on your WAN interface, and full instructions can be found here.