routeros防火墙属于包过滤防火墙,你可以定义一系列的规则过滤掉发往routeros、从routeros发出、通过routeros转发的数据包。在routeros防火墙中定义了三个防火墙(过滤)链(即input、forward、output),你可以在这三个链当中定义你自己的规则。
input意思是指发往routeros自己的数据(也就是目的ip是routeros接口中的一个ip地址);
output意思是指从routeros发出去的数据(也就是数据包源ip是routeros接口中的一个ip地址);
forward意思是指通过routeros转发的(比如你内部计算机访问外部网络,数据需要通过你的routeros进行转发出去)。
ROS禁止ping
禁止内网ping脚本
/ip firewall filter add chain=output src-address=192.168.1.0/24 protocol=icmp action=drop comment="192.168.1.0 \BD\FB\D6\B9Ping"禁止外网ping脚本
/ip firewall filter add chain=input src-address=!192.168.1.0/24 protocol=icmp action=drop comment="\BD\FB\D6\B9\CD\E2\CD\F8Ping"禁止内外网对路由的ICMP数据包(禁止来自内外网的ping)
/ip firewall filter add chain=output protocol=icmp action=drop comment="No Ping"ROS禁止用户tracert
/ip firewall filter add chain=forward protocol=icmp icmp-options=11 action=drop comment="No tracert"ROS封锁端口脚本
下面以要封锁的端口为20,使用协议为tcp,备注为Web_Server为例:
/ip firewall filter add chain=output protocol=tcp dst-port=20 action=drop comment="Web_Server"ROS封锁IP地址脚本
下面以要封锁的IP地址为222.172.200.61/29,备注为Web_Server为例:
/ip firewall filter add chain=forward dst-address=222.172.200.61/29 action=drop comment="Web_Server"ROS封锁软件类
封迅雷多线程下载(即一个线程下载,和IE一样)
/ip firewall filter add chain=forward content="octet-stream"action=drop comment="Blockade Thunder 1.thread" disabled=no彻底封迅雷下载脚本
/ip firewall filter add chain=forward content="octent-stream" action=drop comment="blockade thunder" disabled=no
/ip firewall filter add chain=forward content="pragma: no-cache" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Connection: close" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Range: bytes=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Cookie:__utma=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="filename=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Cookie rtime=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Content-Disposition: attachment;" action=drop comment="" disabled=no批量禁止部分网络软件(电驴/屁屁狗/酷狗/比特精灵/宝酷/百度下吧)
/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
add chain=forward protocol=tcp dst-port=4661 action=drop comment="downP2P VeryCD"
add chain=forward protocol=tcp dst-port=4662 action=drop
add chain=forward protocol=tcp dst-port=4242 action=drop
add chain=forward dst-address=62.241.53.15/32 action=drop
# 屁屁狗(PPGOU)
add chain=forward protocol=tcp dst-port=8505 action=drop comment="downTools PPGOU"
add chain=forward dst-address=219.153.0.152/32 action=drop
add chain=forward dst-address=61.145.116.186/32 action=drop
# KUGO酷狗
add chain=forward protocol=tcp dst-port=3318 action=drop comment="downMP3 KUGO" disabled=yes
add chain=forward protocol=tcp dst-port=1043 action=drop disabled=yes
add chain=forward protocol=tcp dst-port=4224 action=drop disabled=yes
add chain=forward protocol=tcp dst-port=2371 action=drop disabled=yes
add chain=forward protocol=udp dst-port=7000 action=drop disabled=yes
add chain=forward dst-address=218.16.125.227/32 action=drop disabled=yes
add chain=forward dst-address=61.143.210.56/32 action=drop disabled=yes
add chain=forward dst-address=218.16.125.226/32 action=drop disabled=yes
add chain=forward dst-address=61.129.115.206/32 action=drop disabled=yes
add chain=forward dst-address=61.145.114.33/32 action=drop disabled=yes
# RF online
add chain=forward dst-address=218.30.85.16/32 dst-port=8888 action=accept comment="RF online"
add chain=forward dst-address=59.34.215.133/32 dst-port=8888 action=accept
add chain=forward dst-address=60.28.26.66/32 dst-port=8888 action=accept
# 比特精灵
add chain=forward protocol=tcp dst-port=16881 action=drop comment="downP2P BitSpirit"
add chain=forward protocol=tcp dst-port=6881-6890 action=drop
add chain=forward protocol=tcp dst-port=8881-8890 action=drop
add chain=forward protocol=udp dst-port=16881 action=drop
add chain=forward protocol=udp dst-port=6881-6890 action=drop
add chain=forward protocol=udp dst-port=8881-8890 action=drop
# 宝酷
add chain=forward protocol=tcp dst-port=6346 action=drop comment="downP2P BaoCue"
add chain=forward protocol=tcp dst-port=11300 action=drop
add chain=forward dst-address=61.172.197.196/32 action=drop
add chain=forward dst-address=218.1.14.3/32 action=drop
add chain=forward dst-address=218.1.14.4/32 action=drop
add chain=forward dst-address=218.1.14.9/32 action=drop
add chain=forward dst-address=61.172.197.209/32 action=drop
add chain=forward dst-address=61.172.197.197/32 action=drop
add chain=forward dst-address=218.1.14.5/32 action=drop
add chain=forward dst-address=218.5.72.118/32 action=drop
add chain=forward dst-address=61.172.197.196/32 action=drop
# 百度下吧
add chain=forward protocol=tcp dst-port=11000 action=drop comment="downP2P BaiDuXiaBa" disabled=yes
add chain=forward dst-address=202.108.249.171/32 action=drop禁止PPlive网络电视在线观看
/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
add chain=forward protocol=tcp dst-port=8008 action=drop comment="P2PTV PPlive"
add chain=forward protocol=udp dst-port=4004 action=drop禁止QQ旋风下载
/ ip firewall address-list
add list="BlockadeQqXuanFeng" address=124.115.5.173 comment="" disabled=no
add list="BlockadeQqXuanFeng" address=119.147.18.173 comment="" disabled=no
add list="BlockadeQqXuanFeng" address=117.95.243.97 comment="" disabled=no
add list="BlockadeQqXuanFeng" address=124.115.0.180 comment="" disabled=no
/ ip firewall filter
add chain=forward dst-address-list="BlockadeQqXuanFeng" action=drop comment="BlockadeQqXuanFeng" disabled=no禁止QQ聊天脚本(禁止QQ登录,不影响腾讯其它业务及网站)
/ ip firewall filter
add chain=forward protocol=tcp dst-port=8008 action=drop comment="QQServer"
add chain=forward protocol=udp dst-port=8000 action=drop
add chain=forward dst-address=61.144.238.0/24 action=drop
add chain=forward dst-address=61.152.100.0/24 action=drop
add chain=forward dst-address=61.141.194.0/24 action=drop
add chain=forward dst-address=202.96.170.163/32 action=drop
add chain=forward dst-address=202.104.129.0/24 action=drop
add chain=forward dst-address=202.104.193.20/32 action=drop
add chain=forward dst-address=202.104.193.11/32 action=drop
add chain=forward dst-address=202.104.193.12/32 action=drop
add chain=forward dst-address=218.17.209.23/32 action=drop
add chain=forward dst-address=218.18.95.153/32 action=drop
add chain=forward dst-address=218.18.95.165/32 action=drop
add chain=forward dst-address=218.18.95.220/32 action=drop
add chain=forward dst-address=218.85.138.70/32 action=drop
add chain=forward dst-address=219.133.38.0/24 action=drop
add chain=forward dst-address=219.133.49.0/24 action=drop
add chain=forward dst-address=220.133.40.0/24 action=drop
add chain=forward content=sz.tencent.com action=reject
add chain=forward content=sz2.tencent.com action=reject
add chain=forward content=sz3.tencent.com action=reject
add chain=forward content=sz4.tencent.com action=reject
add chain=forward content=sz5.tencent.com action=reject
add chain=forward content=sz6.tencent.com action=reject
add chain=forward content=sz7.tencent.com action=reject
add chain=forward content=sz8.tencent.com action=rejec
add chain=forward content=sz9.tencent.com action=rejec
add chain=forward content=tcpconn.tencent.com action=reject
add chain=forward content=tcpconn2.tencent.com action=reject
add chain=forward content=tcpconn3.tencent.com action=reject
add chain=forward content=tcpconn4.tencent.com action=reject
add chain=forward content=tcpconn5.tencent.com action=reject
add chain=forward content=tcpconn6.tencent.com action=reject
add chain=forward content=tcpconn7.tencent.com action=reject
add chain=forward content=tcpconn8.tencent.com action=reject
add chain=forward content=qq.com action=reject
add chain=forward content=www.qq.com action=reject禁止腾讯QQ直播
/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
add chain=forward protocol=udp dst-port=13002-13999 action=drop comment="P2PTV QQ" disabled=yes推荐防火墙(Firewall)脚本
此脚本包含众多的防火墙策略,屏蔽病毒端口,限制单机连接数,屏蔽木马后门,压制DOS攻击等。
特别说明:非特别情况请不要用此功能,此功能将会影响网页显示。
/ip firewall filter
add action=drop chain=input comment=\
"\B6\AA\C6\FA\B7\C7\B7\A8\C1\AC\BD\D3\CA\FD\BE\DD" connection-state=\
invalid disabled=no
add action=drop chain=input comment=\
"\CF\DE\D6\C6\D7\DChttp\C1\AC\BD\D3\CA\FD\CE\AA20" connection-limit=20,0 \
disabled=no dst-port=80 protocol=tcp
add action=drop chain=input comment=\
"\CC\BD\B2\E2\B2\A2\B6\AA\C6\FA\B6\CB\BF\DA\C9\A8\C3\E8\C1\AC\BD\D3" \
disabled=no protocol=tcp psd=21,3s,3,1
add action=tarpit chain=input comment="\D1\B9\D6\C6DoS\B9\A5\BB\F7" \
connection-limit=3,32 disabled=no protocol=tcp src-address-list=\
black_list
add action=add-src-to-address-list address-list=black_list \
address-list-timeout=1d chain=input comment="\CC\BD\B2\E2DoS\B9\A5\BB\F7" \
connection-limit=10,32 disabled=no protocol=tcp
add action=drop chain=input comment=\
"\B6\AA\C6\FA\B5\F4\B7\C7\B1\BE\B5\D8\CA\FD\BE\DD" disabled=no \
dst-address-type=!local
add action=jump chain=input comment="\CC\F8\D7\AA\B5\BDICMP\C1\B4\B1\ED" \
disabled=no jump-target=ICMP protocol=icmp
add action=accept chain=ICMP comment=\
"Ping\D3\A6\B4\F0\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
icmp-options=0:0-255 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
"Traceroute\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
icmp-options=3:3 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
"MTU\CF\DF\C2\B7\CC\BD\B2\E2\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" \
disabled=no icmp-options=3:4 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
"Ping\C7\EB\C7\F3\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
icmp-options=8:0-255 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
"Trace TTL\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
icmp-options=11:0-255 limit=5,5 protocol=icmp
add action=drop chain=ICMP comment=\
"\B6\AA\C6\FA\B5\F4\C8\CE\BA\CEICMP\CA\FD\BE\DD" disabled=no protocol=\
icmp
add action=drop chain=forward comment=\
"\B6\AA\C6\FA\B7\C7\B7\A8\CA\FD\BE\DD\B0\FC" connection-state=invalid \
disabled=no
add action=drop chain=forward comment=\
"\B6\AA\C6\FA\B5\F4\CB\F9\D3\D0\B7\C7\B5\A5\B2\A5\CA\FD\BE\DD" disabled=\
no src-address-type=!unicast
add action=jump chain=forward comment="\CC\F8\D7\AA\B5\BDICMP\C1\B4\B1\ED" \
disabled=no jump-target=ICMP protocol=icmp
add action=jump chain=forward comment=\
"\CC\F8\D7\AA\B5\BD\B2\A1\B6\BE\C1\B4\B1\ED" disabled=no jump-target=\
virus
add action=drop chain=forward comment=\
"\CF\DE\D6\C6\C3\BF\B8\F6\D6\F7\BB\FATCP\C1\AC\BD\D3\CA\FD\CE\AA80\CC\F5" \
connection-limit=80,32 disabled=no protocol=tcp
add action=accept chain=forward comment=\
"\BD\D3\CA\DC\CB\F9\D3\D0\CA\FD\BE\DD" disabled=no
add action=drop chain=virus comment=DeepThroat.Trojan-1 disabled=no dst-port=\
41 protocol=tcp
add action=drop chain=virus comment=Worm.NetSky.Y@mm disabled=no dst-port=82 \
protocol=tcp
add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-1 disabled=no \
dst-port=113 protocol=tcp
add action=drop chain=virus comment=W33.Korgo.A/B/C/D/E/F-2 disabled=no \
dst-port=2041 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-2 disabled=no dst-port=\
3150 protocol=tcp
add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-3 disabled=no \
dst-port=3067 protocol=tcp
add action=drop chain=virus comment=Backdoor.IRC.Aladdinz.R-1 disabled=no \
dst-port=3422 protocol=tcp
add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-4 disabled=no \
dst-port=6667 protocol=tcp
add action=drop chain=virus comment=Worm.NetSky.S/T/U@mm disabled=no \
dst-port=6789 protocol=tcp
add action=drop chain=virus comment=Back.Orifice.2000.Trojan-1 disabled=no \
dst-port=8787 protocol=tcp
add action=drop chain=virus comment=Back.Orifice.2000.Trojan-2 disabled=no \
dst-port=8879 protocol=tcp
add action=drop chain=virus comment=W32.Dabber.A/B-2 disabled=no dst-port=\
8967 protocol=tcp
add action=drop chain=virus comment=W32.Dabber.A/B-3 disabled=no dst-port=\
9999 protocol=tcp
add action=drop chain=virus comment=Block.NetBus.Trojan-2 disabled=no \
dst-port=20034 protocol=tcp
add action=drop chain=virus comment=GirlFriend.Trojan-1 disabled=no dst-port=\
21554 protocol=tcp
add action=drop chain=virus comment=Back.Orifice.2000.Trojan-3 disabled=no \
dst-port=31666 protocol=tcp
add action=drop chain=virus comment=Backdoor.IRC.Aladdinz.R-2 disabled=no \
dst-port=43958 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-3 disabled=no dst-port=\
999 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-4 disabled=no dst-port=\
6670 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-5 disabled=no dst-port=\
6771 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-6 disabled=no dst-port=\
60000 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-7 disabled=no dst-port=\
2140 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-1 disabled=no \
dst-port=10067 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-2 disabled=no \
dst-port=10167 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-3 disabled=no \
dst-port=3700 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-4 disabled=no \
dst-port=9872-9875 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-1 disabled=no \
dst-port=6883 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-2 disabled=no \
dst-port=26274 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-3 disabled=no \
dst-port=4444 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-4 disabled=no \
dst-port=47262 protocol=tcp
add action=drop chain=virus comment=Eclypse.Trojan-1 disabled=no dst-port=\
3791 protocol=tcp
add action=drop chain=virus comment=Eclypse.Trojan-2 disabled=no dst-port=\
3801 protocol=tcp
add action=drop chain=virus comment=Eclypse.Trojan-3 disabled=no dst-port=\
65390 protocol=tcp
add action=drop chain=virus comment=Y3K.RAT.Trojan-1 disabled=no dst-port=\
5880-5882 protocol=tcp
add action=drop chain=virus comment=Y3K.RAT.Trojan-2 disabled=no dst-port=\
5888-5889 protocol=tcp
add action=drop chain=virus comment=NetSphere.Trojan-1 disabled=no dst-port=\
30100-30103 protocol=tcp
add action=drop chain=virus comment=NetSphere.Trojan-2 disabled=no dst-port=\
30133 protocol=tcp
add action=drop chain=virus comment=NetMonitor.Trojan-1 disabled=no dst-port=\
7300-7301 protocol=tcp
add action=drop chain=virus comment=NetMonitor.Trojan-2 disabled=no dst-port=\
7306-7308 protocol=tcp
add action=drop chain=virus comment=FireHotcker.Trojan-1 disabled=no \
dst-port=79 protocol=tcp
add action=drop chain=virus comment=FireHotcker.Trojan-2 disabled=no \
dst-port=5031 protocol=tcp
add action=drop chain=virus comment=FireHotcker.Trojan-3 disabled=no \
dst-port=5321 protocol=tcp
add action=drop chain=virus comment=TheThing.Trojan-1 disabled=no dst-port=\
6400 protocol=tcp
add action=drop chain=virus comment=GateCrasher.Trojan-1 disabled=no \
dst-port=1047 protocol=tcp
add action=drop chain=virus comment=GateCrasher.Trojan-2 disabled=no \
dst-port=6969-6970 protocol=tcp
add action=drop chain=virus comment=SubSeven-1 disabled=no dst-port=2774 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-2 disabled=no dst-port=27374 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-3 disabled=no dst-port=1243 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-4 disabled=no dst-port=1234 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-5 disabled=no dst-port=6711-6713 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-7 disabled=no dst-port=16959 \
protocol=tcp
add action=drop chain=virus comment=Moonpie.Trojan-1 disabled=no dst-port=\
25685-25686 protocol=tcp
add action=drop chain=virus comment=Moonpie.Trojan-2 disabled=no dst-port=\
25982 protocol=tcp
add action=drop chain=virus comment=NetSpy.Trojan-3 disabled=no dst-port=\
31337-31339 protocol=tcp
add action=drop chain=virus comment=Trojan disabled=no dst-port=8102 \
protocol=tcp
add action=drop chain=virus comment=WAY.Trojan disabled=no dst-port=8011 \
protocol=tcp
add action=drop chain=virus comment=Trojan.BingHe disabled=no dst-port=7626 \
protocol=tcp
add action=drop chain=virus comment=Trojan.NianSeHoYian disabled=no dst-port=\
19191 protocol=tcp
add action=drop chain=virus comment=NetBull.Trojan disabled=no dst-port=\
23444-23445 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-1 disabled=no dst-port=\
2583 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-2 disabled=no dst-port=\
3024 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-3 disabled=no dst-port=\
4092 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-4 disabled=no dst-port=\
5714 protocol=tcp
add action=drop chain=virus comment=Doly1.0/1.35/1.5trojan-1 disabled=no \
dst-port=1010-1012 protocol=tcp
add action=drop chain=virus comment=Doly1.0/1.35/1.5trojan-2 disabled=no \
dst-port=1015 protocol=tcp
add action=drop chain=virus comment=TransScout.Trojan-1 disabled=no dst-port=\
2004-2005 protocol=tcp
add action=drop chain=virus comment=TransScout.Trojan-2 disabled=no dst-port=\
9878 protocol=tcp
add action=drop chain=virus comment=Backdoor.YAI..Trojan-1 disabled=no \
dst-port=2773 protocol=tcp
add action=drop chain=virus comment=Backdoor.YAI.Trojan-2 disabled=no \
dst-port=7215 protocol=tcp
add action=drop chain=virus comment=Backdoor.YAI.Trojan-3 disabled=no \
dst-port=54283 protocol=tcp
add action=drop chain=virus comment=BackDoorTrojan-1 disabled=no dst-port=\
1003 protocol=tcp
add action=drop chain=virus comment=BackDoorTrojan-2 disabled=no dst-port=\
5598 protocol=tcp
add action=drop chain=virus comment=BackDoorTrojan-3 disabled=no dst-port=\
5698 protocol=tcp
add action=drop chain=virus comment=SchainwindlerTrojan-2 disabled=no \
dst-port=31554 protocol=tcp
add action=drop chain=virus comment=Shaft.DDoS.Trojan-1 disabled=no dst-port=\
18753 protocol=tcp
add action=drop chain=virus comment=Shaft.DDoS.Trojan-2 disabled=no dst-port=\
20432 protocol=tcp
add action=drop chain=virus comment=Devil.DDoS.Trojan disabled=no dst-port=\
65000 protocol=tcp
add action=drop chain=virus comment=LatinusTrojan-1 disabled=no dst-port=\
11831 protocol=tcp
add action=drop chain=virus comment=LatinusTrojan-2 disabled=no dst-port=\
29559 protocol=tcp
add action=drop chain=virus comment=Snid.X2Trojan-1 disabled=no dst-port=1784 \
protocol=tcp
add action=drop chain=virus comment=Snid.X2Trojan-2 disabled=no dst-port=3586 \
protocol=tcp
add action=drop chain=virus comment=Snid.X2Trojan-3 disabled=no dst-port=7609 \
protocol=tcp
add action=drop chain=virus comment=BionetTrojan-1 disabled=no dst-port=\
12348-12349 protocol=tcp
add action=drop chain=virus comment=BionetTrojan-2 disabled=no dst-port=12478 \
protocol=tcp
add action=drop chain=virus comment=BionetTrojan-3 disabled=no dst-port=57922 \
protocol=tcp
add action=drop chain=virus comment=Worm.Novarg.a.Mydoom.a1. disabled=no \
dst-port=3127 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.a.Bagle.a. disabled=no \
dst-port=6777 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.b disabled=no dst-port=8866 \
protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.c-g/j-l disabled=no \
dst-port=2745 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.p/q/r/n disabled=no \
dst-port=2556 protocol=tcp
add action=drop chain=virus comment=Worm.BBEagle.m-2 disabled=no dst-port=\
20742 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.s/t/u/v disabled=no \
dst-port=4751 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.aa/ab/w/x-z-2 disabled=no \
dst-port=2535 protocol=tcp
add action=drop chain=virus comment=Worm.LovGate.r.RpcExploit disabled=no \
dst-port=5238 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.a disabled=no dst-port=1068 \
protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.b/c/f disabled=no dst-port=\
5554 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.b/c/f disabled=no dst-port=\
9996 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.d disabled=no dst-port=9995 \
protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.a/b/c/d disabled=no \
dst-port=10168 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.v.QQ disabled=no dst-port=\
20808 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.f/g disabled=no dst-port=\
1092 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.f/g disabled=no dst-port=\
20168 protocol=tcp
add action=drop chain=virus comment=ndm.requester disabled=no dst-port=\
1363-1364 protocol=tcp
add action=drop chain=virus comment=screen.cast disabled=no dst-port=1368 \
protocol=tcp
add action=drop chain=virus comment=hromgrafx disabled=no dst-port=1373 \
protocol=tcp
add action=drop chain=virus comment=cichainlid disabled=no dst-port=1377 \
protocol=tcp
add action=drop chain=virus comment=Backdoor.Optixprotocol disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.b disabled=no dst-port=8888 \
protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-7 disabled=no \
dst-port=44444 protocol=udp
add action=drop chain=virus comment=Worm.Sobig.f-3 disabled=no dst-port=8998 \
protocol=udp
add action=drop chain=virus comment=Worm.Sobig.f-1 disabled=no dst-port=123 \
protocol=udp
add action=drop chain=virus comment=Worm.Novarg.a.Mydoom.a2. disabled=no \
dst-port=3198 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
139 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
135 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
445 protocol=tcp© 版权声明
THE END
喜欢就支持一下吧
![灵阳星空-Windows10 LTSC2019 (17763.2145) X64 [纯净精简版] By:不忘初心 精品系统](https://www.jsksky.com/wp-content/uploads/2021/09/bwcx_win10_ltsc.jpg)
请登录后发表评论
注册
社交帐号登录