coming from the same host to be treated as port scan sequence
• DelayThreshold - delay for the packets with different destination ports coming from the same
host to be treated as possible port scan subsequence
• LowPortWeight - weight of the packets with privileged (<=1024) destination port
• HighPortWeight - weight of the packet with non-priviliged destination port
random ( integer : 1 ..99 ) - matches packets randomly with given propability
routing-mark ( name ) - matches packets marked with the specified routing mark
src-address ( IP address | netmask | IP address | IP address ) - specifies the address range an IP
packet is originated from. Note that console converts entered address/netmask value to a valid
network address, i.e.:1.1.1.1/24 is converted to 1.1.1.0/24
src-address-list ( name ) - matches source address of a packet against user-defined address list
src-address-type ( unicast | local | broadcast | multicast ) - matches source address type of the IP
packet, one of the:
• unicast - IP addresses used for one point to another point transmission. There is only one
sender and one receiver in this case
• local - matches addresses assigned to router's interfaces
• broadcast - the IP packet is sent from one point to all other points in the IP subnetwork
• multicast - this type of IP addressing is responsible for transmission from one or more points to
a set of other points
src-mac-address ( MAC address ) - source MAC address
src-port ( integer : 0 ..65535 | integer : 0 ..65535 ) - source port number or range
tcp-flags ( multiple choice: ack | cwr | ece | fin | psh | rst | syn | urg ) - tcp flags to match
• ack - acknowledging data
• cwr - congestion window reduced
• ece - ECN-echo flag (explicit congestion notification)
• fin - close connection
• psh - push function
• rst - drop connection
• syn - new connection
• urg - urgent data
tcp-mss ( integer : 0 ..65535 ) - matches TCP MSS value of an IP packet
time ( time | time | sat | fri | thu | wed | tue | mon | sun ) - allows to create filter based on the packets'
arrival time and date or, for locally generated packets, departure time and date
tos ( max-reliability | max-throughput | min-cost | min-delay | normal ) - specifies a match for the
value of Type of Service (ToS) field of an IP header
• max-reliability - maximize reliability (ToS=4)
• max-throughput - maximize throughput (ToS=8)
• min-cost - minimize monetary cost (ToS=2)
• min-delay - minimize delay (ToS=16)
• normal - normal service (ToS=0)
Page 454 of 695
Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
To Next Page
Loading...