Простая защита от DDoS RouterOS

> /ip firewall filter
> add action=jump chain=forward comment="drop ddos" connection-state=new jump-target=block-ddos
> add action=drop chain=forward connection-state=new dst-address-list=ddosed log=yes log-prefix=ddos src-address-list=ddoser
> add action=return chain=block-ddos dst-limit=50,50,src-and-dst-addresses/10s
> add action=add-dst-to-address-list address-list=ddosed address-list-timeout=10m chain=block-ddos
> add action=add-src-to-address-list address-list=ddoser address-list-timeout=10m chain=block-ddos

 

Добавить комментарий

Ваш e-mail не будет опубликован. Обязательные поля помечены *