IP Firewall Kutipan Forum Mikrotik

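/ip firewall filter
# RouterOS walks each chain top to bottom and the first matching rule wins,
# so the accepts for existing flows and the blacklist drops deliberately sit
# ahead of the rules that populate the address lists.
# --- forward: fast path for flows that already exist ---
add action=accept chain=forward comment="allow established connections" \
    connection-state=established disabled=no
add action=accept chain=forward comment="allow related connections" \
    connection-state=related disabled=no
# --- input: FTP brute-force protection ---
# Sources already in FTP_BlackList are dropped on the WAN interface before
# they reach the FTP service. The list is fed by the two output-chain rules
# that follow: replies containing "530 Login incorrect" are accepted at
# 1/1m with a burst of 9 per destination address (roughly ten failures a
# minute); the reply that exceeds that rate adds its destination -- the
# failing client -- to FTP_BlackList for 1d. The content match only sees the
# plaintext FTP control channel, so an encrypted (FTPS) session would not be
# counted.
add action=drop chain=input comment="drop FTP Brute Forcers" disabled=no \
    dst-port=21 in-interface=Speedy-PPPoE1 protocol=tcp src-address-list=\
    FTP_BlackList
add action=accept chain=output comment="" content="530 Login incorrect" \
    disabled=no dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=FTP_BlackList \
    address-list-timeout=1d chain=output comment="" content=\
    "530 Login incorrect" disabled=no protocol=tcp
# --- input: SSH/telnet brute-force protection (tcp 22-23) ---
# Three escalating 1m lists. A new connection from an unknown source lands
# in SSH_BlackList_1; a second new connection within that minute promotes
# it to _2, a third to _3, and a fourth to IP_BlackList for 1d, which the
# drop rule at the top of this group enforces. The stage rules must stay in
# this descending order: if stage 1 ran before stage 3, a single SYN would
# be promoted through every list at once.
add action=drop chain=input comment="drop SSH Brute Forcers" disabled=no \
    dst-port=22-23 in-interface=Speedy-PPPoE1 protocol=tcp src-address-list=\
    IP_BlackList
add action=add-src-to-address-list address-list=IP_BlackList \
    address-list-timeout=1d chain=input comment="" connection-state=new \
    disabled=no dst-port=22-23 in-interface=Speedy-PPPoE1 protocol=tcp \
    src-address-list=SSH_BlackList_3
add action=add-src-to-address-list address-list=SSH_BlackList_3 \
    address-list-timeout=1m chain=input comment="" connection-state=new \
    disabled=no dst-port=22-23 in-interface=Speedy-PPPoE1 protocol=tcp \
    src-address-list=SSH_BlackList_2
add action=add-src-to-address-list address-list=SSH_BlackList_2 \
    address-list-timeout=1m chain=input comment="" connection-state=new \
    disabled=no dst-port=22-23 in-interface=Speedy-PPPoE1 protocol=tcp \
    src-address-list=SSH_BlackList_1
add action=add-src-to-address-list address-list=SSH_BlackList_1 \
    address-list-timeout=1m chain=input comment="" connection-state=new \
    disabled=no dst-port=22-23 in-interface=Speedy-PPPoE1 protocol=tcp
# --- input: port-scan detection ---
# Sources in port_scanners are dropped on the WAN interface; the list is
# filled by the PSD matcher (weight threshold 21, 3s delay, 3 per low port,
# 1 per high port) and by TCP packets carrying flag combinations that a
# normal stack never sends (FIN-only, SYN+FIN, SYN+RST, FIN+PSH+URG,
# all flags set, no flags set).
add action=drop chain=input comment="drop port scanners" disabled=no \
    in-interface=Speedy-PPPoE1 src-address-list=port_scanners
add action=add-src-to-address-list address-list=port_scanners \
    address-list-timeout=12h chain=input comment="" disabled=no in-interface=\
    Speedy-PPPoE1 protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list=port_scanners \
    address-list-timeout=1d chain=input comment="" disabled=no in-interface=\
    Speedy-PPPoE1 protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list=port_scanners \
    address-list-timeout=1d chain=input comment="" disabled=no in-interface=\
    Speedy-PPPoE1 protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list=port_scanners \
    address-list-timeout=1d chain=input comment="" disabled=no in-interface=\
    Speedy-PPPoE1 protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list=port_scanners \
    address-list-timeout=1d chain=input comment="" disabled=no in-interface=\
    Speedy-PPPoE1 protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list=port_scanners \
    address-list-timeout=1d chain=input comment="" disabled=no in-interface=\
    Speedy-PPPoE1 protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list=port_scanners \
    address-list-timeout=1d chain=input comment="" disabled=no in-interface=\
    Speedy-PPPoE1 protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
# --- input: rate-limited ICMP ---
add action=accept chain=input comment="Allow limited pings" disabled=no \
    in-interface=Speedy-PPPoE1 limit=50/5s,2 protocol=icmp
# Without this companion rule the limit above is a no-op: ICMP beyond
# 50 packets per 5s would simply fall through to the chain's implicit
# accept instead of being dropped.
add action=drop chain=input comment="drop excess pings" disabled=no \
    in-interface=Speedy-PPPoE1 protocol=icmp
# NOTE(review): no default-deny follows on chain=input. With RouterOS'
# implicit accept, WAN traffic that none of the rules above match still
# reaches every other service on the router. To close that, finish the
# input chain with an accept for connection-state=established,related and
# for the management access you actually need, then
# `add action=drop chain=input in-interface=Speedy-PPPoE1`.
# --- forward: block worm / SMB / LLMNR / SMTP ports in both directions ---
add action=drop chain=forward comment=";;Block W32.Kido - Conficker" \
    disabled=no protocol=udp src-port=135-139
add action=drop chain=forward comment="" disabled=no dst-port=135-139 \
    protocol=udp
add action=drop chain=forward comment="" disabled=no protocol=udp src-port=\
    445
add action=drop chain=forward comment="" disabled=no dst-port=445 protocol=\
    udp
add action=drop chain=forward comment="" disabled=no protocol=tcp src-port=\
    135-139
add action=drop chain=forward comment="" disabled=no dst-port=135-139 \
    protocol=tcp
add action=drop chain=forward comment="" disabled=no protocol=tcp src-port=\
    445
add action=drop chain=forward comment="" disabled=no dst-port=445 protocol=\
    tcp
add action=drop chain=forward comment="" disabled=no dst-port=4691 protocol=\
    tcp
add action=drop chain=forward comment="" disabled=no dst-port=5933 protocol=\
    tcp
add action=drop chain=forward comment="Blok LLMNR" disabled=no dst-port=5355 \
    protocol=udp
add action=drop chain=forward comment="" disabled=no dst-port=4647 protocol=\
    udp
# Outbound and inbound SMTP on tcp/25 are both dropped for forwarded
# traffic; any legitimate mail relay behind this router needs an earlier
# accept.
add action=drop chain=forward comment="SMTP Deny" disabled=no protocol=tcp \
    src-port=25
add action=drop chain=forward comment="" disabled=no dst-port=25 protocol=tcp
add action=drop chain=forward comment="" disabled=no dst-port=7777 protocol=\
    tcp
# invalid never overlaps established/related, so dropping it last is
# equivalent to dropping it right after the two accepts at the top.
add action=drop chain=forward comment="drop invalid connections" \
    connection-state=invalid disabled=no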
