On Tue, Oct 17, 2017 at 12:45 PM, R P ronenp@hotmail.com wrote:
Hi there
I have a Mikrotik for the 44 net
It have a firewall and currently it logs to the screen and the ram (not to the disk) any fail login ... and some rules (not too much as i want open network)
such as SIP signals that are many and some other big intruders protocols
Now i have some deliberation (i hope it is the right word i used google translate) how to configure the logs ?
We use a remote syslog server rather than relying on the router to perform logging duties. You can find information about setting this up here: https://wiki.mikrotik.com/wiki/Manual:System/Log#Logging_configuration
I also wrote some software to run on the syslog server and publish bad IP addresses for the routers to block. You might find this useful: https://github.com/kd7lxl/blacklist-service
Tom KD7LXL