Skip to content

mikrotik-user/IPSec-bruteforce-prevention

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

IPSec-bruteforce-prevention.rsc

IPSec-bruteforce-prevention.rsc

 
 

README.md

README.md

 
 

Repository files navigation

IPSec-bruteforce-prevention

This script parses log messages to find failed IPSec connections and bans IP addresses of brutforcers.

Script parses log entries every 5 minutes to find bruteforcers, then it creates address list ipsec-brutforce-from-script records. In order to drop these addresses you need to create firewall rule in filter or raw chain. E. g.: /ip firewall raw add action=drop chain=prerouting src-address-list=ipsec-brutforce-from-script

How to...

  1. Download IPSec-bruteforce-prevention.rsc on your mikrotik router /tool fetch url="https://raw.githubusercontent.com/mikrotik-user/IPSec-bruteforce-prevention/main/IPSec-bruteforce-prevention.rsc" mode=https dst-path=IPSec-bruteforce-prevention.rsc.
  2. Import script /import IPSec-bruteforce-prevention.rsc.
  3. Adjust scheduler permissions if required.

About

This script parses log messages to find failed IPSec connections and bans IP addresses of brutforcers.

Topics

mikrotik script ipsec ban drop bruteforce auto prevention bruteforcer

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages