欢迎光临
我们一直在努力
扫描二维码在手机上浏览
路由教程

ROS防火墙的各种脚本

routeros防火墙属于包过滤防火墙,你可以定义一系列的规则过滤掉发往routeros、从routeros发出、通过routeros转发的数据包。在routeros防火墙中定义了三个防火墙(过滤)链(即input、forward、output),你可以在这三个链当中定义你自己的规则。

input意思是指发往routeros自己的数据(也就是目的ip是routeros接口中的一个ip地址);
output意思是指从routeros发出去的数据(也就是数据包源ip是routeros接口中的一个ip地址);
forward意思是指通过routeros转发的(比如你内部计算机访问外部网络,数据需要通过你的routeros进行转发出去)。

ROS禁止ping

禁止内网ping脚本

/ip firewall filter add chain=output src-address=192.168.1.0/24 protocol=icmp action=drop comment="192.168.1.0 \BD\FB\D6\B9Ping"

禁止外网ping脚本

/ip firewall filter add chain=input src-address=!192.168.1.0/24 protocol=icmp action=drop comment="\BD\FB\D6\B9\CD\E2\CD\F8Ping"

禁止内外网对路由的ICMP数据包(禁止来自内外网的ping)

/ip firewall filter add chain=output protocol=icmp action=drop comment="No Ping"

ROS禁止用户tracert

/ip firewall filter add chain=forward protocol=icmp icmp-options=11 action=drop comment="No tracert"

ROS封锁端口脚本

下面以要封锁的端口为20,使用协议为tcp,备注为Web_Server为例:

/ip firewall filter add chain=output protocol=tcp dst-port=20 action=drop comment="Web_Server"

ROS封锁IP地址脚本

下面以要封锁的IP地址为222.172.200.61/29,备注为Web_Server为例:

/ip firewall filter add chain=forward dst-address=222.172.200.61/29 action=drop comment="Web_Server"

ROS封锁软件类

封迅雷多线程下载(即一个线程下载,和IE一样)

/ip firewall filter add chain=forward content="octet-stream"action=drop comment="Blockade Thunder 1.thread" disabled=no

彻底封迅雷下载脚本

/ip firewall filter add chain=forward content="octent-stream" action=drop comment="blockade thunder" disabled=no
/ip firewall filter add chain=forward content="pragma: no-cache" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Connection: close" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Range: bytes=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Cookie:__utma=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="filename=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Cookie rtime=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Content-Disposition: attachment;" action=drop comment="" disabled=no

批量禁止部分网络软件(电驴/屁屁狗/酷狗/比特精灵/宝酷/百度下吧)

/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
add chain=forward protocol=tcp dst-port=4661 action=drop comment="downP2P VeryCD"
add chain=forward protocol=tcp dst-port=4662 action=drop
add chain=forward protocol=tcp dst-port=4242 action=drop
add chain=forward dst-address=62.241.53.15/32 action=drop
# 屁屁狗(PPGOU)
add chain=forward protocol=tcp dst-port=8505 action=drop comment="downTools PPGOU"
add chain=forward dst-address=219.153.0.152/32 action=drop
add chain=forward dst-address=61.145.116.186/32 action=drop
# KUGO酷狗
add chain=forward protocol=tcp dst-port=3318 action=drop comment="downMP3 KUGO" disabled=yes
add chain=forward protocol=tcp dst-port=1043 action=drop disabled=yes
add chain=forward protocol=tcp dst-port=4224 action=drop disabled=yes
add chain=forward protocol=tcp dst-port=2371 action=drop disabled=yes
add chain=forward protocol=udp dst-port=7000 action=drop disabled=yes
add chain=forward dst-address=218.16.125.227/32 action=drop disabled=yes
add chain=forward dst-address=61.143.210.56/32 action=drop disabled=yes
add chain=forward dst-address=218.16.125.226/32 action=drop disabled=yes
add chain=forward dst-address=61.129.115.206/32 action=drop disabled=yes
add chain=forward dst-address=61.145.114.33/32 action=drop disabled=yes
# RF online
add chain=forward dst-address=218.30.85.16/32 dst-port=8888 action=accept comment="RF online"
add chain=forward dst-address=59.34.215.133/32 dst-port=8888 action=accept
add chain=forward dst-address=60.28.26.66/32 dst-port=8888 action=accept
# 比特精灵
add chain=forward protocol=tcp dst-port=16881 action=drop comment="downP2P BitSpirit"
add chain=forward protocol=tcp dst-port=6881-6890 action=drop
add chain=forward protocol=tcp dst-port=8881-8890 action=drop
add chain=forward protocol=udp dst-port=16881 action=drop
add chain=forward protocol=udp dst-port=6881-6890 action=drop
add chain=forward protocol=udp dst-port=8881-8890 action=drop
# 宝酷
add chain=forward protocol=tcp dst-port=6346 action=drop comment="downP2P BaoCue"
add chain=forward protocol=tcp dst-port=11300 action=drop
add chain=forward dst-address=61.172.197.196/32 action=drop
add chain=forward dst-address=218.1.14.3/32 action=drop
add chain=forward dst-address=218.1.14.4/32 action=drop
add chain=forward dst-address=218.1.14.9/32 action=drop
add chain=forward dst-address=61.172.197.209/32 action=drop
add chain=forward dst-address=61.172.197.197/32 action=drop
add chain=forward dst-address=218.1.14.5/32 action=drop
add chain=forward dst-address=218.5.72.118/32 action=drop
add chain=forward dst-address=61.172.197.196/32 action=drop
# 百度下吧
add chain=forward protocol=tcp dst-port=11000 action=drop comment="downP2P BaiDuXiaBa" disabled=yes
add chain=forward dst-address=202.108.249.171/32 action=drop

禁止PPlive网络电视在线观看

/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
add chain=forward protocol=tcp dst-port=8008 action=drop comment="P2PTV PPlive"
add chain=forward protocol=udp dst-port=4004 action=drop

禁止QQ旋风下载

/ ip firewall address-list 
add list="BlockadeQqXuanFeng" address=124.115.5.173 comment="" disabled=no 
add list="BlockadeQqXuanFeng" address=119.147.18.173 comment="" disabled=no 
add list="BlockadeQqXuanFeng" address=117.95.243.97 comment="" disabled=no 
add list="BlockadeQqXuanFeng" address=124.115.0.180 comment="" disabled=no
 
/ ip firewall filter 
add chain=forward dst-address-list="BlockadeQqXuanFeng" action=drop comment="BlockadeQqXuanFeng" disabled=no

禁止QQ聊天脚本(禁止QQ登录,不影响腾讯其它业务及网站)

/ ip firewall filter 
add chain=forward protocol=tcp dst-port=8008 action=drop comment="QQServer"
add chain=forward protocol=udp dst-port=8000 action=drop
add chain=forward dst-address=61.144.238.0/24 action=drop 
add chain=forward dst-address=61.152.100.0/24 action=drop 
add chain=forward dst-address=61.141.194.0/24 action=drop 
add chain=forward dst-address=202.96.170.163/32 action=drop 
add chain=forward dst-address=202.104.129.0/24 action=drop 
add chain=forward dst-address=202.104.193.20/32 action=drop 
add chain=forward dst-address=202.104.193.11/32 action=drop 
add chain=forward dst-address=202.104.193.12/32 action=drop 
add chain=forward dst-address=218.17.209.23/32 action=drop 
add chain=forward dst-address=218.18.95.153/32 action=drop 
add chain=forward dst-address=218.18.95.165/32 action=drop 
add chain=forward dst-address=218.18.95.220/32 action=drop 
add chain=forward dst-address=218.85.138.70/32 action=drop 
add chain=forward dst-address=219.133.38.0/24 action=drop 
add chain=forward dst-address=219.133.49.0/24 action=drop 
add chain=forward dst-address=220.133.40.0/24 action=drop 
add chain=forward content=sz.tencent.com action=reject 
add chain=forward content=sz2.tencent.com action=reject 
add chain=forward content=sz3.tencent.com action=reject 
add chain=forward content=sz4.tencent.com action=reject 
add chain=forward content=sz5.tencent.com action=reject 
add chain=forward content=sz6.tencent.com action=reject 
add chain=forward content=sz7.tencent.com action=reject 
add chain=forward content=sz8.tencent.com action=rejec 
add chain=forward content=sz9.tencent.com action=rejec 
add chain=forward content=tcpconn.tencent.com action=reject 
add chain=forward content=tcpconn2.tencent.com action=reject 
add chain=forward content=tcpconn3.tencent.com action=reject 
add chain=forward content=tcpconn4.tencent.com action=reject 
add chain=forward content=tcpconn5.tencent.com action=reject 
add chain=forward content=tcpconn6.tencent.com action=reject 
add chain=forward content=tcpconn7.tencent.com action=reject 
add chain=forward content=tcpconn8.tencent.com action=reject 
add chain=forward content=qq.com action=reject 
add chain=forward content=www.qq.com action=reject

禁止腾讯QQ直播

/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
add chain=forward protocol=udp dst-port=13002-13999 action=drop comment="P2PTV QQ" disabled=yes

推荐防火墙(Firewall)脚本

此脚本包含众多的防火墙策略,屏蔽病毒端口,限制单机连接数,屏蔽木马后门,压制DOS攻击等。

特别说明:非特别情况请不要用此功能,此功能将会影响网页显示。

/ip firewall filter
add action=drop chain=input comment=\
 "\B6\AA\C6\FA\B7\C7\B7\A8\C1\AC\BD\D3\CA\FD\BE\DD" connection-state=\
 invalid disabled=no
add action=drop chain=input comment=\
 "\CF\DE\D6\C6\D7\DChttp\C1\AC\BD\D3\CA\FD\CE\AA20" connection-limit=20,0 \
 disabled=no dst-port=80 protocol=tcp
add action=drop chain=input comment=\
 "\CC\BD\B2\E2\B2\A2\B6\AA\C6\FA\B6\CB\BF\DA\C9\A8\C3\E8\C1\AC\BD\D3" \
 disabled=no protocol=tcp psd=21,3s,3,1
add action=tarpit chain=input comment="\D1\B9\D6\C6DoS\B9\A5\BB\F7" \
 connection-limit=3,32 disabled=no protocol=tcp src-address-list=\
 black_list
add action=add-src-to-address-list address-list=black_list \
 address-list-timeout=1d chain=input comment="\CC\BD\B2\E2DoS\B9\A5\BB\F7" \
 connection-limit=10,32 disabled=no protocol=tcp
add action=drop chain=input comment=\
 "\B6\AA\C6\FA\B5\F4\B7\C7\B1\BE\B5\D8\CA\FD\BE\DD" disabled=no \
 dst-address-type=!local
add action=jump chain=input comment="\CC\F8\D7\AA\B5\BDICMP\C1\B4\B1\ED" \
 disabled=no jump-target=ICMP protocol=icmp
add action=accept chain=ICMP comment=\
 "Ping\D3\A6\B4\F0\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
 icmp-options=0:0-255 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
 "Traceroute\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
 icmp-options=3:3 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
 "MTU\CF\DF\C2\B7\CC\BD\B2\E2\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" \
 disabled=no icmp-options=3:4 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
 "Ping\C7\EB\C7\F3\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
 icmp-options=8:0-255 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
 "Trace TTL\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
 icmp-options=11:0-255 limit=5,5 protocol=icmp
add action=drop chain=ICMP comment=\
 "\B6\AA\C6\FA\B5\F4\C8\CE\BA\CEICMP\CA\FD\BE\DD" disabled=no protocol=\
 icmp
add action=drop chain=forward comment=\
 "\B6\AA\C6\FA\B7\C7\B7\A8\CA\FD\BE\DD\B0\FC" connection-state=invalid \
 disabled=no
add action=drop chain=forward comment=\
 "\B6\AA\C6\FA\B5\F4\CB\F9\D3\D0\B7\C7\B5\A5\B2\A5\CA\FD\BE\DD" disabled=\
 no src-address-type=!unicast
add action=jump chain=forward comment="\CC\F8\D7\AA\B5\BDICMP\C1\B4\B1\ED" \
 disabled=no jump-target=ICMP protocol=icmp
add action=jump chain=forward comment=\
 "\CC\F8\D7\AA\B5\BD\B2\A1\B6\BE\C1\B4\B1\ED" disabled=no jump-target=\
 virus
add action=drop chain=forward comment=\
 "\CF\DE\D6\C6\C3\BF\B8\F6\D6\F7\BB\FATCP\C1\AC\BD\D3\CA\FD\CE\AA80\CC\F5" \
 connection-limit=80,32 disabled=no protocol=tcp
add action=accept chain=forward comment=\
 "\BD\D3\CA\DC\CB\F9\D3\D0\CA\FD\BE\DD" disabled=no
add action=drop chain=virus comment=DeepThroat.Trojan-1 disabled=no dst-port=\
 41 protocol=tcp
add action=drop chain=virus comment=Worm.NetSky.Y@mm disabled=no dst-port=82 \
 protocol=tcp
add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-1 disabled=no \
 dst-port=113 protocol=tcp
add action=drop chain=virus comment=W33.Korgo.A/B/C/D/E/F-2 disabled=no \
 dst-port=2041 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-2 disabled=no dst-port=\
 3150 protocol=tcp
add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-3 disabled=no \
 dst-port=3067 protocol=tcp
add action=drop chain=virus comment=Backdoor.IRC.Aladdinz.R-1 disabled=no \
 dst-port=3422 protocol=tcp
add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-4 disabled=no \
 dst-port=6667 protocol=tcp
add action=drop chain=virus comment=Worm.NetSky.S/T/U@mm disabled=no \
 dst-port=6789 protocol=tcp
add action=drop chain=virus comment=Back.Orifice.2000.Trojan-1 disabled=no \
 dst-port=8787 protocol=tcp
add action=drop chain=virus comment=Back.Orifice.2000.Trojan-2 disabled=no \
 dst-port=8879 protocol=tcp
add action=drop chain=virus comment=W32.Dabber.A/B-2 disabled=no dst-port=\
 8967 protocol=tcp
add action=drop chain=virus comment=W32.Dabber.A/B-3 disabled=no dst-port=\
 9999 protocol=tcp
add action=drop chain=virus comment=Block.NetBus.Trojan-2 disabled=no \
 dst-port=20034 protocol=tcp
add action=drop chain=virus comment=GirlFriend.Trojan-1 disabled=no dst-port=\
 21554 protocol=tcp
add action=drop chain=virus comment=Back.Orifice.2000.Trojan-3 disabled=no \
 dst-port=31666 protocol=tcp
add action=drop chain=virus comment=Backdoor.IRC.Aladdinz.R-2 disabled=no \
 dst-port=43958 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-3 disabled=no dst-port=\
 999 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-4 disabled=no dst-port=\
 6670 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-5 disabled=no dst-port=\
 6771 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-6 disabled=no dst-port=\
 60000 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-7 disabled=no dst-port=\
 2140 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-1 disabled=no \
 dst-port=10067 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-2 disabled=no \
 dst-port=10167 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-3 disabled=no \
 dst-port=3700 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-4 disabled=no \
 dst-port=9872-9875 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-1 disabled=no \
 dst-port=6883 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-2 disabled=no \
 dst-port=26274 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-3 disabled=no \
 dst-port=4444 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-4 disabled=no \
 dst-port=47262 protocol=tcp
add action=drop chain=virus comment=Eclypse.Trojan-1 disabled=no dst-port=\
 3791 protocol=tcp
add action=drop chain=virus comment=Eclypse.Trojan-2 disabled=no dst-port=\
 3801 protocol=tcp
add action=drop chain=virus comment=Eclypse.Trojan-3 disabled=no dst-port=\
 65390 protocol=tcp
add action=drop chain=virus comment=Y3K.RAT.Trojan-1 disabled=no dst-port=\
 5880-5882 protocol=tcp
add action=drop chain=virus comment=Y3K.RAT.Trojan-2 disabled=no dst-port=\
 5888-5889 protocol=tcp
add action=drop chain=virus comment=NetSphere.Trojan-1 disabled=no dst-port=\
 30100-30103 protocol=tcp
add action=drop chain=virus comment=NetSphere.Trojan-2 disabled=no dst-port=\
 30133 protocol=tcp
add action=drop chain=virus comment=NetMonitor.Trojan-1 disabled=no dst-port=\
 7300-7301 protocol=tcp
add action=drop chain=virus comment=NetMonitor.Trojan-2 disabled=no dst-port=\
 7306-7308 protocol=tcp
add action=drop chain=virus comment=FireHotcker.Trojan-1 disabled=no \
 dst-port=79 protocol=tcp
add action=drop chain=virus comment=FireHotcker.Trojan-2 disabled=no \
 dst-port=5031 protocol=tcp
add action=drop chain=virus comment=FireHotcker.Trojan-3 disabled=no \
 dst-port=5321 protocol=tcp
add action=drop chain=virus comment=TheThing.Trojan-1 disabled=no dst-port=\
 6400 protocol=tcp
add action=drop chain=virus comment=GateCrasher.Trojan-1 disabled=no \
 dst-port=1047 protocol=tcp
add action=drop chain=virus comment=GateCrasher.Trojan-2 disabled=no \
 dst-port=6969-6970 protocol=tcp
add action=drop chain=virus comment=SubSeven-1 disabled=no dst-port=2774 \
 protocol=tcp
add action=drop chain=virus comment=SubSeven-2 disabled=no dst-port=27374 \
 protocol=tcp
add action=drop chain=virus comment=SubSeven-3 disabled=no dst-port=1243 \
 protocol=tcp
add action=drop chain=virus comment=SubSeven-4 disabled=no dst-port=1234 \
 protocol=tcp
add action=drop chain=virus comment=SubSeven-5 disabled=no dst-port=6711-6713 \
 protocol=tcp
add action=drop chain=virus comment=SubSeven-7 disabled=no dst-port=16959 \
 protocol=tcp
add action=drop chain=virus comment=Moonpie.Trojan-1 disabled=no dst-port=\
 25685-25686 protocol=tcp
add action=drop chain=virus comment=Moonpie.Trojan-2 disabled=no dst-port=\
 25982 protocol=tcp
add action=drop chain=virus comment=NetSpy.Trojan-3 disabled=no dst-port=\
 31337-31339 protocol=tcp
add action=drop chain=virus comment=Trojan disabled=no dst-port=8102 \
 protocol=tcp
add action=drop chain=virus comment=WAY.Trojan disabled=no dst-port=8011 \
 protocol=tcp
add action=drop chain=virus comment=Trojan.BingHe disabled=no dst-port=7626 \
 protocol=tcp
add action=drop chain=virus comment=Trojan.NianSeHoYian disabled=no dst-port=\
 19191 protocol=tcp
add action=drop chain=virus comment=NetBull.Trojan disabled=no dst-port=\
 23444-23445 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-1 disabled=no dst-port=\
 2583 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-2 disabled=no dst-port=\
 3024 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-3 disabled=no dst-port=\
 4092 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-4 disabled=no dst-port=\
 5714 protocol=tcp
add action=drop chain=virus comment=Doly1.0/1.35/1.5trojan-1 disabled=no \
 dst-port=1010-1012 protocol=tcp
add action=drop chain=virus comment=Doly1.0/1.35/1.5trojan-2 disabled=no \
 dst-port=1015 protocol=tcp
add action=drop chain=virus comment=TransScout.Trojan-1 disabled=no dst-port=\
 2004-2005 protocol=tcp
add action=drop chain=virus comment=TransScout.Trojan-2 disabled=no dst-port=\
 9878 protocol=tcp
add action=drop chain=virus comment=Backdoor.YAI..Trojan-1 disabled=no \
 dst-port=2773 protocol=tcp
add action=drop chain=virus comment=Backdoor.YAI.Trojan-2 disabled=no \
 dst-port=7215 protocol=tcp
add action=drop chain=virus comment=Backdoor.YAI.Trojan-3 disabled=no \
 dst-port=54283 protocol=tcp
add action=drop chain=virus comment=BackDoorTrojan-1 disabled=no dst-port=\
 1003 protocol=tcp
add action=drop chain=virus comment=BackDoorTrojan-2 disabled=no dst-port=\
 5598 protocol=tcp
add action=drop chain=virus comment=BackDoorTrojan-3 disabled=no dst-port=\
 5698 protocol=tcp
add action=drop chain=virus comment=SchainwindlerTrojan-2 disabled=no \
 dst-port=31554 protocol=tcp
add action=drop chain=virus comment=Shaft.DDoS.Trojan-1 disabled=no dst-port=\
 18753 protocol=tcp
add action=drop chain=virus comment=Shaft.DDoS.Trojan-2 disabled=no dst-port=\
 20432 protocol=tcp
add action=drop chain=virus comment=Devil.DDoS.Trojan disabled=no dst-port=\
 65000 protocol=tcp
add action=drop chain=virus comment=LatinusTrojan-1 disabled=no dst-port=\
 11831 protocol=tcp
add action=drop chain=virus comment=LatinusTrojan-2 disabled=no dst-port=\
 29559 protocol=tcp
add action=drop chain=virus comment=Snid.X2Trojan-1 disabled=no dst-port=1784 \
 protocol=tcp
add action=drop chain=virus comment=Snid.X2Trojan-2 disabled=no dst-port=3586 \
 protocol=tcp
add action=drop chain=virus comment=Snid.X2Trojan-3 disabled=no dst-port=7609 \
 protocol=tcp
add action=drop chain=virus comment=BionetTrojan-1 disabled=no dst-port=\
 12348-12349 protocol=tcp
add action=drop chain=virus comment=BionetTrojan-2 disabled=no dst-port=12478 \
 protocol=tcp
add action=drop chain=virus comment=BionetTrojan-3 disabled=no dst-port=57922 \
 protocol=tcp
add action=drop chain=virus comment=Worm.Novarg.a.Mydoom.a1. disabled=no \
 dst-port=3127 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.a.Bagle.a. disabled=no \
 dst-port=6777 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.b disabled=no dst-port=8866 \
 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.c-g/j-l disabled=no \
 dst-port=2745 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.p/q/r/n disabled=no \
 dst-port=2556 protocol=tcp
add action=drop chain=virus comment=Worm.BBEagle.m-2 disabled=no dst-port=\
 20742 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.s/t/u/v disabled=no \
 dst-port=4751 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.aa/ab/w/x-z-2 disabled=no \
 dst-port=2535 protocol=tcp
add action=drop chain=virus comment=Worm.LovGate.r.RpcExploit disabled=no \
 dst-port=5238 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.a disabled=no dst-port=1068 \
 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.b/c/f disabled=no dst-port=\
 5554 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.b/c/f disabled=no dst-port=\
 9996 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.d disabled=no dst-port=9995 \
 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.a/b/c/d disabled=no \
 dst-port=10168 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.v.QQ disabled=no dst-port=\
 20808 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.f/g disabled=no dst-port=\
 1092 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.f/g disabled=no dst-port=\
 20168 protocol=tcp
add action=drop chain=virus comment=ndm.requester disabled=no dst-port=\
 1363-1364 protocol=tcp
add action=drop chain=virus comment=screen.cast disabled=no dst-port=1368 \
 protocol=tcp
add action=drop chain=virus comment=hromgrafx disabled=no dst-port=1373 \
 protocol=tcp
add action=drop chain=virus comment=cichainlid disabled=no dst-port=1377 \
 protocol=tcp
add action=drop chain=virus comment=Backdoor.Optixprotocol disabled=no \
 dst-port=3410 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.b disabled=no dst-port=8888 \
 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-7 disabled=no \
 dst-port=44444 protocol=udp
add action=drop chain=virus comment=Worm.Sobig.f-3 disabled=no dst-port=8998 \
 protocol=udp
add action=drop chain=virus comment=Worm.Sobig.f-1 disabled=no dst-port=123 \
 protocol=udp
add action=drop chain=virus comment=Worm.Novarg.a.Mydoom.a2. disabled=no \
 dst-port=3198 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
 139 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
 135 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
 445 protocol=tcp
THE END
历史上的今天
十二月
9
    哇哦~~~,历史上的今天没发表过文章哦
标签
喜欢就支持一下吧!!!
点赞0打赏分享
版权声明
本站文章除注明转载外,均为本站原创或翻译,欢迎任何形式的转载,但请务必注明出处,尊重他人劳动。
转载请注明:文章转载自:灵阳星空 » ROS防火墙的各种脚本
本文标题:ROS防火墙的各种脚本
本文日期:本文发表于 2019/12/09 17:04:40,最后更新于 2019/12/09 17:09:51,如内容失效,请反馈给我们,谢谢!
本文地址: https://www.jsksky.com/routeros-firewall-script.html

网络臭虫

已发布399篇文章
吃得苦中苦,方为人上人,不卧薪藏胆,哪能苦尽甘来?点击进入我的网站了解更多有关我的信息。

评论 抢沙发

评论前必须登录!

 


觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

微信扫一扫打赏