Wednesday, December 10, 2014

DNS attack




For reference:

/ip firewall filter
add action=drop chain=input protocol=udp dst-port=53 in-interface=pppoe-out1 comment="Blocking DNS requests"
add action=drop chain=input protocol=tcp dst-port=53 in-interface=pppoe-out1 comment="Blocking DNS requests"
add action=drop chain=forward protocol=udp dst-port=53 out-interface=!pppoe-out1 comment="Blocking DNS requests"
add action=drop chain=forward protocol=tcp dst-port=53 out-interface=!pppoe-out1 comment="Blocking DNS requests"

/ip firewall nat
add action=redirect chain=dstnat protocol=udp dst-port=53 in-interface=!pppoe-out1 comment="Blocking DNS requests"
add action=redirect chain=dstnat protocol=tcp dst-port=53 in-interface=!pppoe-out1 comment="Blocking DNS requests"

PS. Change the WAN port interface to the name used in your own configuration.
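
An added example, not part of the original post or the linked thread: a small Python check that reads a RouterOS rule export and reports which DNS protocols arriving on the WAN interface are still not dropped on the input chain. It models only the matchers used in the rules above (rules with any other matcher are skipped, and port ranges are not handled); UDP_ONLY is a constructed counter-example and the function names are hypothetical.

```python
import shlex

# The two input-chain rules from the page; pppoe-out1 is the page's WAN interface.
PAGE_RULES = """
/ip firewall filter
add action=drop chain=input protocol=udp dst-port=53 in-interface=pppoe-out1 comment="Blocking DNS requests"
add action=drop chain=input protocol=tcp dst-port=53 in-interface=pppoe-out1 comment="Blocking DNS requests"
"""
# Constructed counter-example: the TCP rule was left out.
UDP_ONLY = """
/ip firewall filter
add action=drop chain=input protocol=udp dst-port=53 in-interface=pppoe-out1
"""
# Matchers this sketch models (assumption); rules using any others are skipped.
KNOWN = {"action", "chain", "protocol", "dst-port", "in-interface", "comment", "disabled"}

def parse_rules(export):
    """Yield (menu, {key: value}) for each 'add' line of an export."""
    menu = None
    for line in export.splitlines():
        line = line.strip()
        if line.startswith("/"):
            menu = line
        elif line.startswith("add "):
            yield menu, dict(t.split("=", 1) for t in shlex.split(line)[1:] if "=" in t)

def matches(rule, proto, port, iface):
    """True if the rule applies to this packet; an absent matcher is a wildcard."""
    if rule.get("protocol", proto) != proto or (
            "dst-port" in rule and str(port) not in rule["dst-port"].split(",")):
        return False
    want = rule.get("in-interface", iface)
    return want[1:] != iface if want.startswith("!") else want == iface

def exposed_dns(export, wan):
    """Protocols whose port-53 traffic arriving on `wan` is not dropped on the input chain."""
    exposed = []
    for proto in ("udp", "tcp"):
        verdict = "accept"  # a packet that matches no rule is accepted
        for menu, rule in parse_rules(export):
            if (menu != "/ip firewall filter" or rule.get("chain") != "input"
                    or rule.get("disabled") == "yes" or set(rule) - KNOWN):
                continue  # other menus/chains, disabled rules, unmodelled matchers
            if matches(rule, proto, 53, wan):  # first matching rule decides
                verdict = rule.get("action", "accept")
                break
        if verdict not in ("drop", "reject"):
            exposed.append(proto)
    return exposed
```

Calling exposed_dns(PAGE_RULES, "ether1") returns both protocols, which is why the interface name in the rules has to match the real WAN interface.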



http://www.mobile01.com/topicdetail.php?f=110&t=3205444&p=283


Check IP > DNS > Cache for anything abnormal.

Adding the settings restores the original performance.