灵阳星空
routeros防火墙属于包过滤防火墙,你可以定义一系列的规则过滤掉发往routeros、从routeros发出、通过routeros转发的数据包。在routeros防火墙中定义了三个防火墙(过滤)链(即input、forward、output),你可以在这三个链当中定义你自己的规则。
input意思是指发往routeros自己的数据(也就是目的ip是routeros接口中的一个ip地址);
output意思是指从routeros发出去的数据(也就是数据包源ip是routeros接口中的一个ip地址);
forward意思是指通过routeros转发的(比如你内部计算机访问外部网络,数据需要通过你的routeros进行转发出去)。
ROS禁止ping
禁止内网ping脚本
/ip firewall filter add chain=output src-address=192.168.1.0/24 protocol=icmp action=drop comment="192.168.1.0 \BD\FB\D6\B9Ping"
禁止外网ping脚本
/ip firewall filter add chain=input src-address=!192.168.1.0/24 protocol=icmp action=drop comment="\BD\FB\D6\B9\CD\E2\CD\F8Ping"
禁止内外网对路由的ICMP数据包(禁止来自内外网的ping)
/ip firewall filter add chain=output protocol=icmp action=drop comment="No Ping"
ROS禁止用户tracert
/ip firewall filter add chain=forward protocol=icmp icmp-options=11 action=drop comment="No tracert"
ROS封锁端口脚本
下面以要封锁的端口为20,使用协议为tcp,备注为Web_Server为例:
/ip firewall filter add chain=output protocol=tcp dst-port=20 action=drop comment="Web_Server"
ROS封锁IP地址脚本
下面以要封锁的IP地址为222.172.200.61/29,备注为Web_Server为例:
/ip firewall filter add chain=forward dst-address=222.172.200.61/29 action=drop comment="Web_Server"
ROS封锁软件类
封迅雷多线程下载(即一个线程下载,和IE一样)
/ip firewall filter add chain=forward content="octet-stream"action=drop comment="Blockade Thunder 1.thread" disabled=no
彻底封迅雷下载脚本
/ip firewall filter add chain=forward content="octent-stream" action=drop comment="blockade thunder" disabled=no /ip firewall filter add chain=forward content="pragma: no-cache" action=drop comment="" disabled=no /ip firewall filter add chain=forward content="Connection: close" action=drop comment="" disabled=no /ip firewall filter add chain=forward content="Range: bytes=" action=drop comment="" disabled=no /ip firewall filter add chain=forward content="Cookie:__utma=" action=drop comment="" disabled=no /ip firewall filter add chain=forward content="filename=" action=drop comment="" disabled=no /ip firewall filter add chain=forward content="Cookie rtime=" action=drop comment="" disabled=no /ip firewall filter add chain=forward content="Content-Disposition: attachment;" action=drop comment="" disabled=no
批量禁止部分网络软件(电驴/屁屁狗/酷狗/比特精灵/宝酷/百度下吧)
/ ip firewall filter add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138" add chain=forward protocol=tcp dst-port=4661 action=drop comment="downP2P VeryCD" add chain=forward protocol=tcp dst-port=4662 action=drop add chain=forward protocol=tcp dst-port=4242 action=drop add chain=forward dst-address=62.241.53.15/32 action=drop # 屁屁狗(PPGOU) add chain=forward protocol=tcp dst-port=8505 action=drop comment="downTools PPGOU" add chain=forward dst-address=219.153.0.152/32 action=drop add chain=forward dst-address=61.145.116.186/32 action=drop # KUGO酷狗 add chain=forward protocol=tcp dst-port=3318 action=drop comment="downMP3 KUGO" disabled=yes add chain=forward protocol=tcp dst-port=1043 action=drop disabled=yes add chain=forward protocol=tcp dst-port=4224 action=drop disabled=yes add chain=forward protocol=tcp dst-port=2371 action=drop disabled=yes add chain=forward protocol=udp dst-port=7000 action=drop disabled=yes add chain=forward dst-address=218.16.125.227/32 action=drop disabled=yes add chain=forward dst-address=61.143.210.56/32 action=drop disabled=yes add chain=forward dst-address=218.16.125.226/32 action=drop disabled=yes add chain=forward dst-address=61.129.115.206/32 action=drop disabled=yes add chain=forward dst-address=61.145.114.33/32 action=drop disabled=yes # RF online add chain=forward dst-address=218.30.85.16/32 dst-port=8888 action=accept comment="RF online" add chain=forward dst-address=59.34.215.133/32 dst-port=8888 action=accept add chain=forward dst-address=60.28.26.66/32 dst-port=8888 action=accept # 比特精灵 add chain=forward protocol=tcp dst-port=16881 action=drop comment="downP2P BitSpirit" add chain=forward protocol=tcp dst-port=6881-6890 action=drop add chain=forward protocol=tcp dst-port=8881-8890 action=drop add chain=forward protocol=udp dst-port=16881 action=drop add chain=forward protocol=udp dst-port=6881-6890 action=drop add chain=forward protocol=udp dst-port=8881-8890 action=drop # 宝酷 add chain=forward protocol=tcp dst-port=6346 action=drop comment="downP2P BaoCue" add chain=forward protocol=tcp dst-port=11300 action=drop add chain=forward dst-address=61.172.197.196/32 action=drop add chain=forward dst-address=218.1.14.3/32 action=drop add chain=forward dst-address=218.1.14.4/32 action=drop add chain=forward dst-address=218.1.14.9/32 action=drop add chain=forward dst-address=61.172.197.209/32 action=drop add chain=forward dst-address=61.172.197.197/32 action=drop add chain=forward dst-address=218.1.14.5/32 action=drop add chain=forward dst-address=218.5.72.118/32 action=drop add chain=forward dst-address=61.172.197.196/32 action=drop # 百度下吧 add chain=forward protocol=tcp dst-port=11000 action=drop comment="downP2P BaiDuXiaBa" disabled=yes add chain=forward dst-address=202.108.249.171/32 action=drop
禁止PPlive网络电视在线观看
/ ip firewall filter add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138" add chain=forward protocol=tcp dst-port=8008 action=drop comment="P2PTV PPlive" add chain=forward protocol=udp dst-port=4004 action=drop
禁止QQ旋风下载
/ ip firewall address-list add list="BlockadeQqXuanFeng" address=124.115.5.173 comment="" disabled=no add list="BlockadeQqXuanFeng" address=119.147.18.173 comment="" disabled=no add list="BlockadeQqXuanFeng" address=117.95.243.97 comment="" disabled=no add list="BlockadeQqXuanFeng" address=124.115.0.180 comment="" disabled=no / ip firewall filter add chain=forward dst-address-list="BlockadeQqXuanFeng" action=drop comment="BlockadeQqXuanFeng" disabled=no
禁止QQ聊天脚本(禁止QQ登录,不影响腾讯其它业务及网站)
/ ip firewall filter add chain=forward protocol=tcp dst-port=8008 action=drop comment="QQServer" add chain=forward protocol=udp dst-port=8000 action=drop add chain=forward dst-address=61.144.238.0/24 action=drop add chain=forward dst-address=61.152.100.0/24 action=drop add chain=forward dst-address=61.141.194.0/24 action=drop add chain=forward dst-address=202.96.170.163/32 action=drop add chain=forward dst-address=202.104.129.0/24 action=drop add chain=forward dst-address=202.104.193.20/32 action=drop add chain=forward dst-address=202.104.193.11/32 action=drop add chain=forward dst-address=202.104.193.12/32 action=drop add chain=forward dst-address=218.17.209.23/32 action=drop add chain=forward dst-address=218.18.95.153/32 action=drop add chain=forward dst-address=218.18.95.165/32 action=drop add chain=forward dst-address=218.18.95.220/32 action=drop add chain=forward dst-address=218.85.138.70/32 action=drop add chain=forward dst-address=219.133.38.0/24 action=drop add chain=forward dst-address=219.133.49.0/24 action=drop add chain=forward dst-address=220.133.40.0/24 action=drop add chain=forward content=sz.tencent.com action=reject add chain=forward content=sz2.tencent.com action=reject add chain=forward content=sz3.tencent.com action=reject add chain=forward content=sz4.tencent.com action=reject add chain=forward content=sz5.tencent.com action=reject add chain=forward content=sz6.tencent.com action=reject add chain=forward content=sz7.tencent.com action=reject add chain=forward content=sz8.tencent.com action=rejec add chain=forward content=sz9.tencent.com action=rejec add chain=forward content=tcpconn.tencent.com action=reject add chain=forward content=tcpconn2.tencent.com action=reject add chain=forward content=tcpconn3.tencent.com action=reject add chain=forward content=tcpconn4.tencent.com action=reject add chain=forward content=tcpconn5.tencent.com action=reject add chain=forward content=tcpconn6.tencent.com action=reject add chain=forward content=tcpconn7.tencent.com action=reject add chain=forward content=tcpconn8.tencent.com action=reject add chain=forward content=qq.com action=reject add chain=forward content=www.qq.com action=reject
禁止腾讯QQ直播
/ ip firewall filter add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138" add chain=forward protocol=udp dst-port=13002-13999 action=drop comment="P2PTV QQ" disabled=yes
推荐防火墙(Firewall)脚本
此脚本包含众多的防火墙策略,屏蔽病毒端口,限制单机连接数,屏蔽木马后门,压制DOS攻击等。
特别说明:非特别情况请不要用此功能,此功能将会影响网页显示。
/ip firewall filter add action=drop chain=input comment=\ "\B6\AA\C6\FA\B7\C7\B7\A8\C1\AC\BD\D3\CA\FD\BE\DD" connection-state=\ invalid disabled=no add action=drop chain=input comment=\ "\CF\DE\D6\C6\D7\DChttp\C1\AC\BD\D3\CA\FD\CE\AA20" connection-limit=20,0 \ disabled=no dst-port=80 protocol=tcp add action=drop chain=input comment=\ "\CC\BD\B2\E2\B2\A2\B6\AA\C6\FA\B6\CB\BF\DA\C9\A8\C3\E8\C1\AC\BD\D3" \ disabled=no protocol=tcp psd=21,3s,3,1 add action=tarpit chain=input comment="\D1\B9\D6\C6DoS\B9\A5\BB\F7" \ connection-limit=3,32 disabled=no protocol=tcp src-address-list=\ black_list add action=add-src-to-address-list address-list=black_list \ address-list-timeout=1d chain=input comment="\CC\BD\B2\E2DoS\B9\A5\BB\F7" \ connection-limit=10,32 disabled=no protocol=tcp add action=drop chain=input comment=\ "\B6\AA\C6\FA\B5\F4\B7\C7\B1\BE\B5\D8\CA\FD\BE\DD" disabled=no \ dst-address-type=!local add action=jump chain=input comment="\CC\F8\D7\AA\B5\BDICMP\C1\B4\B1\ED" \ disabled=no jump-target=ICMP protocol=icmp add action=accept chain=ICMP comment=\ "Ping\D3\A6\B4\F0\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \ icmp-options=0:0-255 limit=5,5 protocol=icmp add action=accept chain=ICMP comment=\ "Traceroute\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \ icmp-options=3:3 limit=5,5 protocol=icmp add action=accept chain=ICMP comment=\ "MTU\CF\DF\C2\B7\CC\BD\B2\E2\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" \ disabled=no icmp-options=3:4 limit=5,5 protocol=icmp add action=accept chain=ICMP comment=\ "Ping\C7\EB\C7\F3\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \ icmp-options=8:0-255 limit=5,5 protocol=icmp add action=accept chain=ICMP comment=\ "Trace TTL\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \ icmp-options=11:0-255 limit=5,5 protocol=icmp add action=drop chain=ICMP comment=\ "\B6\AA\C6\FA\B5\F4\C8\CE\BA\CEICMP\CA\FD\BE\DD" disabled=no protocol=\ icmp add action=drop chain=forward comment=\ "\B6\AA\C6\FA\B7\C7\B7\A8\CA\FD\BE\DD\B0\FC" connection-state=invalid \ disabled=no add action=drop chain=forward comment=\ "\B6\AA\C6\FA\B5\F4\CB\F9\D3\D0\B7\C7\B5\A5\B2\A5\CA\FD\BE\DD" disabled=\ no src-address-type=!unicast add action=jump chain=forward comment="\CC\F8\D7\AA\B5\BDICMP\C1\B4\B1\ED" \ disabled=no jump-target=ICMP protocol=icmp add action=jump chain=forward comment=\ "\CC\F8\D7\AA\B5\BD\B2\A1\B6\BE\C1\B4\B1\ED" disabled=no jump-target=\ virus add action=drop chain=forward comment=\ "\CF\DE\D6\C6\C3\BF\B8\F6\D6\F7\BB\FATCP\C1\AC\BD\D3\CA\FD\CE\AA80\CC\F5" \ connection-limit=80,32 disabled=no protocol=tcp add action=accept chain=forward comment=\ "\BD\D3\CA\DC\CB\F9\D3\D0\CA\FD\BE\DD" disabled=no add action=drop chain=virus comment=DeepThroat.Trojan-1 disabled=no dst-port=\ 41 protocol=tcp add action=drop chain=virus comment=Worm.NetSky.Y@mm disabled=no dst-port=82 \ protocol=tcp add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-1 disabled=no \ dst-port=113 protocol=tcp add action=drop chain=virus comment=W33.Korgo.A/B/C/D/E/F-2 disabled=no \ dst-port=2041 protocol=tcp add action=drop chain=virus comment=DeepThroat.Trojan-2 disabled=no dst-port=\ 3150 protocol=tcp add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-3 disabled=no \ dst-port=3067 protocol=tcp add action=drop chain=virus comment=Backdoor.IRC.Aladdinz.R-1 disabled=no \ dst-port=3422 protocol=tcp add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-4 disabled=no \ dst-port=6667 protocol=tcp add action=drop chain=virus comment=Worm.NetSky.S/T/U@mm disabled=no \ dst-port=6789 protocol=tcp add action=drop chain=virus comment=Back.Orifice.2000.Trojan-1 disabled=no \ dst-port=8787 protocol=tcp add action=drop chain=virus comment=Back.Orifice.2000.Trojan-2 disabled=no \ dst-port=8879 protocol=tcp add action=drop chain=virus comment=W32.Dabber.A/B-2 disabled=no dst-port=\ 8967 protocol=tcp add action=drop chain=virus comment=W32.Dabber.A/B-3 disabled=no dst-port=\ 9999 protocol=tcp add action=drop chain=virus comment=Block.NetBus.Trojan-2 disabled=no \ dst-port=20034 protocol=tcp add action=drop chain=virus comment=GirlFriend.Trojan-1 disabled=no dst-port=\ 21554 protocol=tcp add action=drop chain=virus comment=Back.Orifice.2000.Trojan-3 disabled=no \ dst-port=31666 protocol=tcp add action=drop chain=virus comment=Backdoor.IRC.Aladdinz.R-2 disabled=no \ dst-port=43958 protocol=tcp add action=drop chain=virus comment=DeepThroat.Trojan-3 disabled=no dst-port=\ 999 protocol=tcp add action=drop chain=virus comment=DeepThroat.Trojan-4 disabled=no dst-port=\ 6670 protocol=tcp add action=drop chain=virus comment=DeepThroat.Trojan-5 disabled=no dst-port=\ 6771 protocol=tcp add action=drop chain=virus comment=DeepThroat.Trojan-6 disabled=no dst-port=\ 60000 protocol=tcp add action=drop chain=virus comment=DeepThroat.Trojan-7 disabled=no dst-port=\ 2140 protocol=tcp add action=drop chain=virus comment=Portal.of.Doom.Trojan-1 disabled=no \ dst-port=10067 protocol=tcp add action=drop chain=virus comment=Portal.of.Doom.Trojan-2 disabled=no \ dst-port=10167 protocol=tcp add action=drop chain=virus comment=Portal.of.Doom.Trojan-3 disabled=no \ dst-port=3700 protocol=tcp add action=drop chain=virus comment=Portal.of.Doom.Trojan-4 disabled=no \ dst-port=9872-9875 protocol=tcp add action=drop chain=virus comment=Delta.Source.Trojan-1 disabled=no \ dst-port=6883 protocol=tcp add action=drop chain=virus comment=Delta.Source.Trojan-2 disabled=no \ dst-port=26274 protocol=tcp add action=drop chain=virus comment=Delta.Source.Trojan-3 disabled=no \ dst-port=4444 protocol=tcp add action=drop chain=virus comment=Delta.Source.Trojan-4 disabled=no \ dst-port=47262 protocol=tcp add action=drop chain=virus comment=Eclypse.Trojan-1 disabled=no dst-port=\ 3791 protocol=tcp add action=drop chain=virus comment=Eclypse.Trojan-2 disabled=no dst-port=\ 3801 protocol=tcp add action=drop chain=virus comment=Eclypse.Trojan-3 disabled=no dst-port=\ 65390 protocol=tcp add action=drop chain=virus comment=Y3K.RAT.Trojan-1 disabled=no dst-port=\ 5880-5882 protocol=tcp add action=drop chain=virus comment=Y3K.RAT.Trojan-2 disabled=no dst-port=\ 5888-5889 protocol=tcp add action=drop chain=virus comment=NetSphere.Trojan-1 disabled=no dst-port=\ 30100-30103 protocol=tcp add action=drop chain=virus comment=NetSphere.Trojan-2 disabled=no dst-port=\ 30133 protocol=tcp add action=drop chain=virus comment=NetMonitor.Trojan-1 disabled=no dst-port=\ 7300-7301 protocol=tcp add action=drop chain=virus comment=NetMonitor.Trojan-2 disabled=no dst-port=\ 7306-7308 protocol=tcp add action=drop chain=virus comment=FireHotcker.Trojan-1 disabled=no \ dst-port=79 protocol=tcp add action=drop chain=virus comment=FireHotcker.Trojan-2 disabled=no \ dst-port=5031 protocol=tcp add action=drop chain=virus comment=FireHotcker.Trojan-3 disabled=no \ dst-port=5321 protocol=tcp add action=drop chain=virus comment=TheThing.Trojan-1 disabled=no dst-port=\ 6400 protocol=tcp add action=drop chain=virus comment=GateCrasher.Trojan-1 disabled=no \ dst-port=1047 protocol=tcp add action=drop chain=virus comment=GateCrasher.Trojan-2 disabled=no \ dst-port=6969-6970 protocol=tcp add action=drop chain=virus comment=SubSeven-1 disabled=no dst-port=2774 \ protocol=tcp add action=drop chain=virus comment=SubSeven-2 disabled=no dst-port=27374 \ protocol=tcp add action=drop chain=virus comment=SubSeven-3 disabled=no dst-port=1243 \ protocol=tcp add action=drop chain=virus comment=SubSeven-4 disabled=no dst-port=1234 \ protocol=tcp add action=drop chain=virus comment=SubSeven-5 disabled=no dst-port=6711-6713 \ protocol=tcp add action=drop chain=virus comment=SubSeven-7 disabled=no dst-port=16959 \ protocol=tcp add action=drop chain=virus comment=Moonpie.Trojan-1 disabled=no dst-port=\ 25685-25686 protocol=tcp add action=drop chain=virus comment=Moonpie.Trojan-2 disabled=no dst-port=\ 25982 protocol=tcp add action=drop chain=virus comment=NetSpy.Trojan-3 disabled=no dst-port=\ 31337-31339 protocol=tcp add action=drop chain=virus comment=Trojan disabled=no dst-port=8102 \ protocol=tcp add action=drop chain=virus comment=WAY.Trojan disabled=no dst-port=8011 \ protocol=tcp add action=drop chain=virus comment=Trojan.BingHe disabled=no dst-port=7626 \ protocol=tcp add action=drop chain=virus comment=Trojan.NianSeHoYian disabled=no dst-port=\ 19191 protocol=tcp add action=drop chain=virus comment=NetBull.Trojan disabled=no dst-port=\ 23444-23445 protocol=tcp add action=drop chain=virus comment=WinCrash.Trojan-1 disabled=no dst-port=\ 2583 protocol=tcp add action=drop chain=virus comment=WinCrash.Trojan-2 disabled=no dst-port=\ 3024 protocol=tcp add action=drop chain=virus comment=WinCrash.Trojan-3 disabled=no dst-port=\ 4092 protocol=tcp add action=drop chain=virus comment=WinCrash.Trojan-4 disabled=no dst-port=\ 5714 protocol=tcp add action=drop chain=virus comment=Doly1.0/1.35/1.5trojan-1 disabled=no \ dst-port=1010-1012 protocol=tcp add action=drop chain=virus comment=Doly1.0/1.35/1.5trojan-2 disabled=no \ dst-port=1015 protocol=tcp add action=drop chain=virus comment=TransScout.Trojan-1 disabled=no dst-port=\ 2004-2005 protocol=tcp add action=drop chain=virus comment=TransScout.Trojan-2 disabled=no dst-port=\ 9878 protocol=tcp add action=drop chain=virus comment=Backdoor.YAI..Trojan-1 disabled=no \ dst-port=2773 protocol=tcp add action=drop chain=virus comment=Backdoor.YAI.Trojan-2 disabled=no \ dst-port=7215 protocol=tcp add action=drop chain=virus comment=Backdoor.YAI.Trojan-3 disabled=no \ dst-port=54283 protocol=tcp add action=drop chain=virus comment=BackDoorTrojan-1 disabled=no dst-port=\ 1003 protocol=tcp add action=drop chain=virus comment=BackDoorTrojan-2 disabled=no dst-port=\ 5598 protocol=tcp add action=drop chain=virus comment=BackDoorTrojan-3 disabled=no dst-port=\ 5698 protocol=tcp add action=drop chain=virus comment=SchainwindlerTrojan-2 disabled=no \ dst-port=31554 protocol=tcp add action=drop chain=virus comment=Shaft.DDoS.Trojan-1 disabled=no dst-port=\ 18753 protocol=tcp add action=drop chain=virus comment=Shaft.DDoS.Trojan-2 disabled=no dst-port=\ 20432 protocol=tcp add action=drop chain=virus comment=Devil.DDoS.Trojan disabled=no dst-port=\ 65000 protocol=tcp add action=drop chain=virus comment=LatinusTrojan-1 disabled=no dst-port=\ 11831 protocol=tcp add action=drop chain=virus comment=LatinusTrojan-2 disabled=no dst-port=\ 29559 protocol=tcp add action=drop chain=virus comment=Snid.X2Trojan-1 disabled=no dst-port=1784 \ protocol=tcp add action=drop chain=virus comment=Snid.X2Trojan-2 disabled=no dst-port=3586 \ protocol=tcp add action=drop chain=virus comment=Snid.X2Trojan-3 disabled=no dst-port=7609 \ protocol=tcp add action=drop chain=virus comment=BionetTrojan-1 disabled=no dst-port=\ 12348-12349 protocol=tcp add action=drop chain=virus comment=BionetTrojan-2 disabled=no dst-port=12478 \ protocol=tcp add action=drop chain=virus comment=BionetTrojan-3 disabled=no dst-port=57922 \ protocol=tcp add action=drop chain=virus comment=Worm.Novarg.a.Mydoom.a1. disabled=no \ dst-port=3127 protocol=tcp add action=drop chain=virus comment=Worm.BBeagle.a.Bagle.a. disabled=no \ dst-port=6777 protocol=tcp add action=drop chain=virus comment=Worm.BBeagle.b disabled=no dst-port=8866 \ protocol=tcp add action=drop chain=virus comment=Worm.BBeagle.c-g/j-l disabled=no \ dst-port=2745 protocol=tcp add action=drop chain=virus comment=Worm.BBeagle.p/q/r/n disabled=no \ dst-port=2556 protocol=tcp add action=drop chain=virus comment=Worm.BBEagle.m-2 disabled=no dst-port=\ 20742 protocol=tcp add action=drop chain=virus comment=Worm.BBeagle.s/t/u/v disabled=no \ dst-port=4751 protocol=tcp add action=drop chain=virus comment=Worm.BBeagle.aa/ab/w/x-z-2 disabled=no \ dst-port=2535 protocol=tcp add action=drop chain=virus comment=Worm.LovGate.r.RpcExploit disabled=no \ dst-port=5238 protocol=tcp add action=drop chain=virus comment=Worm.Sasser.a disabled=no dst-port=1068 \ protocol=tcp add action=drop chain=virus comment=Worm.Sasser.b/c/f disabled=no dst-port=\ 5554 protocol=tcp add action=drop chain=virus comment=Worm.Sasser.b/c/f disabled=no dst-port=\ 9996 protocol=tcp add action=drop chain=virus comment=Worm.Sasser.d disabled=no dst-port=9995 \ protocol=tcp add action=drop chain=virus comment=Worm.Lovgate.a/b/c/d disabled=no \ dst-port=10168 protocol=tcp add action=drop chain=virus comment=Worm.Lovgate.v.QQ disabled=no dst-port=\ 20808 protocol=tcp add action=drop chain=virus comment=Worm.Lovgate.f/g disabled=no dst-port=\ 1092 protocol=tcp add action=drop chain=virus comment=Worm.Lovgate.f/g disabled=no dst-port=\ 20168 protocol=tcp add action=drop chain=virus comment=ndm.requester disabled=no dst-port=\ 1363-1364 protocol=tcp add action=drop chain=virus comment=screen.cast disabled=no dst-port=1368 \ protocol=tcp add action=drop chain=virus comment=hromgrafx disabled=no dst-port=1373 \ protocol=tcp add action=drop chain=virus comment=cichainlid disabled=no dst-port=1377 \ protocol=tcp add action=drop chain=virus comment=Backdoor.Optixprotocol disabled=no \ dst-port=3410 protocol=tcp add action=drop chain=virus comment=Worm.BBeagle.b disabled=no dst-port=8888 \ protocol=tcp add action=drop chain=virus comment=Delta.Source.Trojan-7 disabled=no \ dst-port=44444 protocol=udp add action=drop chain=virus comment=Worm.Sobig.f-3 disabled=no dst-port=8998 \ protocol=udp add action=drop chain=virus comment=Worm.Sobig.f-1 disabled=no dst-port=123 \ protocol=udp add action=drop chain=virus comment=Worm.Novarg.a.Mydoom.a2. disabled=no \ dst-port=3198 protocol=tcp add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\ 139 protocol=tcp add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\ 135 protocol=tcp add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\ 445 protocol=tcp
评论前必须登录!
注册