Mikrotik Router closing port 53 and further problems?
Hello. There is a Mikrotik Router CCR1009-8G-1S. One day, the provider called me and said that I had port 53 open, through which my router is used to conduct a DDoS attack, and that I should close it. Well, after a little searching on the Internet, I found how to close it, and closed it. And then there was such a problem: simple Wi-Fi routers like D-Link or TP-Link stopped giving out the Internet; the Internet appears only when the drop of this port is turned off.
I do not know what to do.
I suspect that you disabled it on all interfaces. You need to close port 53 via the wan interface in the INPUT chain.
chain=input action=drop connection-state=new protocol=udp in-interface=ether1 dst-port=53 log=no log-prefix=""
chain=input action=drop connection-state=new protocol=tcp in-interface=ether1 dst-port=53 log=no log-prefix=""
Something like this.
Well, "at the same time", so to speak. You also need to do:
1. Close NTP
/ip firewall filter add chain=input action=drop connection-state=new protocol=udp in-interface=ether1 dst-port=123 log=no log-prefix=""
/ip firewall filter add chain=input action=drop connection-state=new protocol=tcp in-interface=ether1 dst-port=123 log=no log-prefix=""
, www and winbox
3. Attach the rule with connection state established to the input chain from the external interface, and drop the rest exactly as in the article
wiki.mikrotik.com/wiki/Securing_New_RouterOs_Router
add chain=input connection-state=established action=accept comment="accept established connection packets" disabled=no in-interface=ether1
add chain=input connection-state=related action=accept comment="accept related connection packets" disabled=no in-interface=ether1
add chain=input connection-state=invalid action=drop comment="drop invalid packets" disabled=no in-interface=ether1
Thanks, it worked out. It remains to ask the provider if everything is fine. I just changed the code:
/ip firewall filter add chain=input action=drop connection-state=new protocol=udp in-interface=ether1 dst-port=53 log=no log-prefix=""
/ip firewall filter add chain=input action=drop connection-state=new protocol=tcp in-interface=ether1 dst-port=53 log=no log-prefix=""
Colleagues, why not close everything at all, leaving only what is absolutely necessary - say, external control via Winbox, if you use it?
/ip firewall filter add chain=input action=accept connection-state=new protocol=tcp in-interface=ether1 dst-port=8219 log=no log-prefix=""
/ip firewall filter add chain=input action=accept connection-state=established in-interface=ether1 log=no log-prefix=""
/ip firewall filter add chain=input action=drop connection-state=new in-interface=ether1
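A way to check a rule list offline for the problem discussed in this thread, added here as an example that is not part of any post above: it walks input-chain rules first-match and reports whether a new DNS query to the router is dropped on the WAN side and still accepted on the LAN side. The LAN interface name `bridge` and the `ALL_INTERFACES` sample are assumptions made for the example, and only the matchers that appear in this thread (chain, in-interface, protocol, dst-port, connection-state) are modelled.

```python
import shlex

def parse_rule(line):
    """One rule line -> dict of its key=value words ('/ip firewall filter add' is skipped)."""
    return dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)

def port_matches(spec, port):
    """dst-port may be a list and/or ranges, e.g. '53,123' or '8000-8100'."""
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def verdict(rules, iface, proto, port, state="new", chain="input"):
    """First matching rule decides; a packet that matches no rule is accepted."""
    for r in rules:
        if r.get("chain") != chain:
            continue
        if "in-interface" in r and r["in-interface"] != iface:
            continue
        if "protocol" in r and r["protocol"] != proto:
            continue
        if "dst-port" in r and not port_matches(r["dst-port"], port):
            continue
        if "connection-state" in r and state not in r["connection-state"].split(","):
            continue
        return r.get("action", "accept")
    return "accept"

def dns_exposure(rule_lines, wan="ether1", lan="bridge"):
    """Verdict for a new DNS query to the router itself, per side and protocol."""
    rules = [parse_rule(l) for l in rule_lines]
    return {(side, proto): verdict(rules, iface, proto, 53)
            for side, iface in (("wan", wan), ("lan", lan))
            for proto in ("udp", "tcp")}

# Constructed sample: port 53 dropped with no in-interface matcher.
ALL_INTERFACES = ["chain=input action=drop protocol=udp dst-port=53",
                  "chain=input action=drop protocol=tcp dst-port=53"]
# The two rules from the first answer, limited to the WAN port ether1.
WAN_ONLY = ['chain=input action=drop connection-state=new protocol=udp in-interface=ether1 dst-port=53 log=no log-prefix=""',
            'chain=input action=drop connection-state=new protocol=tcp in-interface=ether1 dst-port=53 log=no log-prefix=""']

if __name__ == "__main__":
    for name, rules in (("all interfaces", ALL_INTERFACES), ("WAN only", WAN_ONLY)):
        print(name, dns_exposure(rules))
```

The result to aim for is `drop` on both `wan` entries and `accept` on both `lan` entries; a `drop` on the LAN side means downstream devices that use the router as their resolver lose name resolution.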