I made that mistake once capturing all ips that attempted SMTP to port 25 on my mail server. I didn't set them to time out either. Luckily I had Winbox open for a while and noticed I was over 200 ips in less than an hour! I removed that rule and praised my foresight to block that traffic.
-Ty On Feb 27, 2014 5:01 PM, "Josh Luthman" <[email protected]> wrote: > I would have never guessed 3 million IPs would attempt to use my DNS > server. At least know I know. > > Josh Luthman > Office: 937-552-2340 > Direct: 937-552-2343 > 1100 Wayne St > Suite 1337 > Troy, OH 45373 > On Feb 27, 2014 5:22 PM, "Martín Ruiz Ibersystems" < > [email protected]> wrote: > > > Now, you have an idea... More than 3 milion ideas xD > > > > Martín Ruiz > > Director técnico > > 902 909 858 - 669379521 > > www.ibersystems.es > > > > El 27/02/2014, a las 22:56, Josh Luthman <[email protected]> > > escribió: > > > > > Wanted to see the scale of it. > > > > > > Josh Luthman > > > Office: 937-552-2340 > > > Direct: 937-552-2343 > > > 1100 Wayne St > > > Suite 1337 > > > Troy, OH 45373 > > > On Feb 27, 2014 4:25 PM, "Shayne Lebrun" <[email protected]> > > wrote: > > > > > >> Completely ignoring your actual issue, which others have attempted to > > >> answer > > >> (try exporting the list, opening as a text file, bulk adding a remove > > >> command to the front, uploading back to the mikrotik, and running?) > why > > not > > >> just drop incoming connections? Why store them in an address list? > > >> > > >> -----Original Message----- > > >> From: [email protected] > > >> [mailto:[email protected]] On Behalf Of Josh > Luthman > > >> Sent: Thursday, February 27, 2014 11:07 AM > > >> To: Mikrotik discussions > > >> Subject: Re: [Mikrotik] Deleting lots of IPs from address-list > > >> > > >> It's x86. It's anyone attempting to reach my (non authoritative, > > caching) > > >> DNS server from the outside world. > > >> > > >> I don't see how you can do a count on address-list ? How are you > doing > > >> that? > > >> > > >> > > >> Josh Luthman > > >> Office: 937-552-2340 > > >> Direct: 937-552-2343 > > >> 1100 Wayne St > > >> Suite 1337 > > >> Troy, OH 45373 > > >> > > >> > > >> On Thu, Feb 27, 2014 at 11:02 AM, Martin Ruiz Ibersystems < > > >> [email protected]> wrote: > > >> > > >>> WTF!? > > >>> > > >>> > > >>> why those number of addresses? > > >>> The routerboard will die with this action. > > >>> > > >>> > > >>> When we created 20 or 30 thousand users in a hotspot, we noticed that > > >>> its "not" possible to create more than 600 users with a copy paste... > > >>> then, I think it will be something like that. You can create a script > > >>> with a counter... up to 600 or 500 and run this script each 30 > > >>> seconds, for example in the scheduler. > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> * Martín Ruiz* > > >>> > > >>> *Ibersystems Solutions, SL* > > >>> > > >>> Dpto. Redes Inalámbricas > > >>> > > >>> Tel. 902 909 858 / 93 184 52 13 / 669 37 95 21 > > >>> Web: http://www.ibersystems.es > > >>> Facebook: http://www.facebook.com/Ibersystems > > >>> Twitter: http://www.twitter.com/Ibersystems > > >>> [email protected] > > >>> > > >>> La información incluida en este email es *CONFIDENCIAL*, siendo para > > >>> uso exclusivo del destinatario arriba mencionado. Si Ud lee este > > >>> mensaje y no es el destinatario indicado, le informamos que está > > >>> totalmente prohibida cualquier utilización, divulgación, distribución > > >>> y/o reproducción de esta comunicación, total o parcial, sin > > >>> autorización expresa en virtud de la legislación vigente. Si ha > > >>> recibido este mensaje por error, le rogamos nos lo notifique > > >>> inmediatamente por esta vía y proceda a su eliminación junto con sus > > >> ficheros anexos sin leerlo ni grabarlo. > > >>> > > >>> En virtud de lo establecido en la Ley 15/1999, y la LSSICE 34/2002, > le > > >>> informamos que sus datos forman parte de un fichero automatizado > > >>> titularidad de *IBERSYSTEMS SOLUTIONS, S.L.* La información > registrada > > >>> se utilizará para informarle por cualquier medio electrónico de > > >>> nuestras novedades comerciales. Puede ejercer los derechos de acceso, > > >>> rectificación, cancelación y oposición en: *C/ CAMÍ RAL DE LA MERCÈ, > > >>> 501 - 08302 MATARÓ > > >>> (BARCELONA).* > > >>> > > >>> En cumplimiento de la Ley 34/2002 del 11 de julio, de Servicios de la > > >>> Sociedad de la Información y de Comercio Electrónico, le informamos > > >>> que puede revocar en cualquier momento, de forma sencilla y gratuita, > > >>> el consentimiento para la recepción de correo electrónico enviando un > > >>> e-mail con su solicitud a:*[email protected] <[email protected] > >* > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> 2014-02-27 16:53 GMT+01:00 Josh Luthman <[email protected] > >: > > >>> > > >>>> About 3.2 million addresses. I didn't set an expiration... > > >>>> > > >>>> Didn't try an export, but how would that help? I can't delete them > > >>>> all > > >>> to > > >>>> import the ones I want if that's what you're shooting for. > > >>>> > > >>>> > > >>>> Josh Luthman > > >>>> Office: 937-552-2340 > > >>>> Direct: 937-552-2343 > > >>>> 1100 Wayne St > > >>>> Suite 1337 > > >>>> Troy, OH 45373 > > >>>> > > >>>> > > >>>> On Thu, Feb 27, 2014 at 10:46 AM, Gerard Dupont III > > >>>> <[email protected] > > >>>>> wrote: > > >>>> > > >>>>> How many entries are we talking here? > > >>>>> > > >>>>> Might be able to use the API, but I suspect it will have same > > >>>>> issue as cli.. > > >>>>> > > >>>>> Can you do a '/ip firewall address-list export file=something' or > > >>>>> does > > >>>> that > > >>>>> crash also? > > >>>>> > > >>>>> Gerard > > >>>>> > > >>>>> > > >>>>> On Thu, Feb 27, 2014 at 10:36 AM, Josh Luthman > > >>>>> <[email protected]>wrote: > > >>>>> > > >>>>>> Does anyone know a way to do this besides rebooting? I'm on v5. > > >>>>>> > > >>>>>> Using SSH and this it crashes: > > >>>>>> /ip firewall address-list remove [/ip firewall address-list find > > >>>>>> list="list-name"] > > >>>>>> > > >>>>>> Josh Luthman > > >>>>>> Office: 937-552-2340 > > >>>>>> Direct: 937-552-2343 > > >>>>>> 1100 Wayne St > > >>>>>> Suite 1337 > > >>>>>> Troy, OH 45373 > > >>>>>> -------------- next part -------------- An HTML attachment was > > >>>>>> scrubbed... > > >>>>>> URL: < > > >>>>>> > > >>>>> > > >>>> > > >>> > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/12f > > >>> 66ae3/attachment.html > > >>>>>>> > > >>>>>> _______________________________________________ > > >>>>>> Mikrotik mailing list > > >>>>>> [email protected] > > >>>>>> http://mail.butchevans.com/mailman/listinfo/mikrotik > > >>>>>> > > >>>>>> Visit http://blog.butchevans.com/ for tutorials related to > > >>>>>> Mikrotik RouterOS > > >>>>>> > > >>>>> -------------- next part -------------- An HTML attachment was > > >>>>> scrubbed... > > >>>>> URL: < > > >>>>> > > >>>> > > >>> > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/96c > > >>> 37091/attachment.html > > >>>>>> > > >>>>> _______________________________________________ > > >>>>> Mikrotik mailing list > > >>>>> [email protected] > > >>>>> http://mail.butchevans.com/mailman/listinfo/mikrotik > > >>>>> > > >>>>> Visit http://blog.butchevans.com/ for tutorials related to > > >>>>> Mikrotik RouterOS > > >>>>> > > >>>> -------------- next part -------------- An HTML attachment was > > >>>> scrubbed... > > >>>> URL: < > > >>>> > > >>> > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/636 > > >>> 61f15/attachment.html > > >>>>> > > >>>> _______________________________________________ > > >>>> Mikrotik mailing list > > >>>> [email protected] > > >>>> http://mail.butchevans.com/mailman/listinfo/mikrotik > > >>>> > > >>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > >>>> RouterOS > > >>>> > > >>> -------------- next part -------------- An HTML attachment was > > >>> scrubbed... > > >>> URL: < > > >>> > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/de2 > > >>> d9ecd/attachment.html > > >>>> > > >>> _______________________________________________ > > >>> Mikrotik mailing list > > >>> [email protected] > > >>> http://mail.butchevans.com/mailman/listinfo/mikrotik > > >>> > > >>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > >>> RouterOS > > >>> > > >> -------------- next part -------------- > > >> An HTML attachment was scrubbed... > > >> URL: > > >> < > > >> > > > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/5b33ba52 > > >> /attachment.html> > > >> _______________________________________________ > > >> Mikrotik mailing list > > >> [email protected] > > >> http://mail.butchevans.com/mailman/listinfo/mikrotik > > >> > > >> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > >> RouterOS > > >> > > >> _______________________________________________ > > >> Mikrotik mailing list > > >> [email protected] > > >> http://mail.butchevans.com/mailman/listinfo/mikrotik > > >> > > >> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > >> RouterOS > > >> > > > -------------- next part -------------- > > > An HTML attachment was scrubbed... > > > URL: < > > > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/d5c1327b/attachment.html > > > > > > _______________________________________________ > > > Mikrotik mailing list > > > [email protected] > > > http://mail.butchevans.com/mailman/listinfo/mikrotik > > > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > RouterOS > > _______________________________________________ > > Mikrotik mailing list > > [email protected] > > http://mail.butchevans.com/mailman/listinfo/mikrotik > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > RouterOS > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/68343699/attachment.html > > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/8b73d7f9/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
