I have a Mikrotik RB750 router that Socks server is configured on it. It has a interface in my LAN and another one in WAN with public IP address. I want to limit access to it from LAN. It seems that some people has found it and using it form WAN!!!
Asked
Active
Viewed 1,661 times
2 Answers
5
Open WinBox . Go to IP > Socks > Access . The Socks Access window is similar to filter rule window. Default action in Socks Access is accept. This means that if no rule get matched, socks server accept that connection.
Now add a rule with accept action your LAN IP addresses range as its Src Address. Then add a rule with deny action. Left other field unchanged. This rule guaranty denying of any socks request other than your LAN IP addresses.
Cierra Clark
- 68
- 3
-
Is rule order important? – Jim Nov 30 '16 at 10:11
-
Yea. Rule matching is done from low index (below # field) to high index. If any rule is matched, it exit rule matching process. – Cierra Clark Nov 30 '16 at 11:06
2
If socks server is running on port 1080 and your LAN IP address range is 192.168.10.0/24 use this in Mikrotik terminal:
/ip firewall filter add action=drop chain=input dst-port=1080 protocol=tcp src-address=!192.168.10.0/24
This command filters traffic by Mikrotik firewall.
Cierra Clark
- 68
- 3
deadhacker1900
- 53
- 1
- 8