I am a newbie in MikroTik RouterOS.
How can I add a rule or script to beep when some one tries to connect to a special port on one of interfaces?
For example I need to know if someone is trying to ftp to my server from outside world.
Asked
Active
Viewed 2,279 times
2
-
"I need to know if someone is trying to ftp to my server from outside world" <-- If it's connected to the Internet, then someone is attacking it. I guarantee it. – Chris S Oct 29 '13 at 19:37
1 Answers
8
As far as I know, there is no way to do that directly.
Workaround could be using firewall rule to add source ip to addresslist:
/ip firewall filter add action=add-src-to-address-list address-list=beeplist
address-list-timeout=1m1s chain=input disabled=no dst-port=21 protocol=tcp
and then run script to check'n'beep:
:if ([ :len [ip firewall address-list find where list=beeplist]]>0) do={:beep}
periodically via scheduler:
/system scheduler add interval=60s name=beeplist on-event=":if ([ :len [ip firewall address-list find where list=beeplist]]>0) do={:beep}"
Entries in address-list are going to be deleted via address-list-timeout settings.
Still, you are going to hear a lot of beeps...
yaplik
- 401
- 2
- 3
-
3+1. Noone likely considers this a good feature to impolkement because mosst routers wont have anyone hearing them scream, being in cabinets, server rooms or - in the case of mikrotik - up on towers :) – TomTom Oct 29 '13 at 19:27
-
Also, the last time I looked at firewall logs I get attacked a few times a minute. I might as well just set it to beep every few seconds, would but just as accurate. – Chris S Oct 29 '13 at 19:33