Параметры Firewall:
# aug/10/2016 09:32:07 by RouterOS 6.36
# software id = X5Q5-12IU
#
/ipv6 firewall filter
add chain=input limit=100,5:packet protocol=icmpv6
add action=drop chain=input protocol=icmpv6
add chain=forward limit=100,5:packet protocol=icmpv6
add action=drop chain=forward protocol=icmpv6
add action=drop chain=input dst-address-list=local log-prefix=""
add action=accept chain=input comment="http(s)" connection-state=established,related,new dst-address-list=web-srvs dst-port=80,443 log-prefix="" \
protocol=tcp
add action=accept chain=input connection-state=established,related log-prefix=""
add action=drop chain=input connection-state=invalid,new log-prefix=""
add action=accept chain=forward connection-state=!invalid in-interface=ether1-gateway log-prefix="" out-interface=bridge-local
add action=drop chain=forward in-interface=ether1-gateway out-interface=ether1-gateway
add action=drop chain=forward connection-state=invalid log-prefix=""
/ipv6 firewall mangle
add action=accept chain=prerouting log-prefix=""
add action=accept chain=forward log-prefix=""
add action=accept chain=postrouting log-prefix=""
При этом наблюдаю более 200 "established" соединений с временем жизни более 15 дней.
Чем это обусловленно? Как ограничить максимальное время жизни соединения?
Простой
Простой
