routeros防火墙属于包过滤防火墙,你可以定义一系列的规则过滤掉发往routeros、从routeros发出、通过routeros转发的数据包。在routeros防火墙中定义了三个防火墙(过滤)链(即input、forward、output),你可以在这三个链当中定义你自己的规则。
input意思是指发往routeros自己的数据(也就是目的ip是routeros接口中的一个ip地址);
output意思是指从routeros发出去的数据(也就是数据包源ip是routeros接口中的一个ip地址);
forward意思是指通过routeros转发的(比如你内部计算机访问外部网络,数据需要通过你的routeros进行转发出去)。
ROS禁止ping
禁止内网ping脚本
/ip firewall filter add chain=output src-address=192.168.1.0/24 protocol=icmp action=drop comment="192.168.1.0 \BD\FB\D6\B9Ping"
禁止外网ping脚本
/ip firewall filter add chain=input src-address=!192.168.1.0/24 protocol=icmp action=drop comment="\BD\FB\D6\B9\CD\E2\CD\F8Ping"
禁止内外网对路由的ICMP数据包(禁止来自内外网的ping)
/ip firewall filter add chain=output protocol=icmp action=drop comment="No Ping"
ROS禁止用户tracert
/ip firewall filter add chain=forward protocol=icmp icmp-options=11 action=drop comment="No tracert"
ROS封锁端口脚本
下面以要封锁的端口为20,使用协议为tcp,备注为Web_Server为例:
/ip firewall filter add chain=output protocol=tcp dst-port=20 action=drop comment="Web_Server"
ROS封锁IP地址脚本
下面以要封锁的IP地址为222.172.200.61/29,备注为Web_Server为例:
/ip firewall filter add chain=forward dst-address=222.172.200.61/29 action=drop comment="Web_Server"
ROS封锁软件类
封迅雷多线程下载(即一个线程下载,和IE一样)
/ip firewall filter add chain=forward content="octet-stream"action=drop comment="Blockade Thunder 1.thread" disabled=no
彻底封迅雷下载脚本
/ip firewall filter add chain=forward content="octent-stream" action=drop comment="blockade thunder" disabled=no
/ip firewall filter add chain=forward content="pragma: no-cache" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Connection: close" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Range: bytes=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Cookie:__utma=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="filename=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Cookie rtime=" action=drop comment="" disabled=no
/ip firewall filter add chain=forward content="Content-Disposition: attachment;" action=drop comment="" disabled=no
批量禁止部分网络软件(电驴/屁屁狗/酷狗/比特精灵/宝酷/百度下吧)
/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
add chain=forward protocol=tcp dst-port=4661 action=drop comment="downP2P VeryCD"
add chain=forward protocol=tcp dst-port=4662 action=drop
add chain=forward protocol=tcp dst-port=4242 action=drop
add chain=forward dst-address=62.241.53.15/32 action=drop
# 屁屁狗(PPGOU)
add chain=forward protocol=tcp dst-port=8505 action=drop comment="downTools PPGOU"
add chain=forward dst-address=219.153.0.152/32 action=drop
add chain=forward dst-address=61.145.116.186/32 action=drop
# KUGO酷狗
add chain=forward protocol=tcp dst-port=3318 action=drop comment="downMP3 KUGO" disabled=yes
add chain=forward protocol=tcp dst-port=1043 action=drop disabled=yes
add chain=forward protocol=tcp dst-port=4224 action=drop disabled=yes
add chain=forward protocol=tcp dst-port=2371 action=drop disabled=yes
add chain=forward protocol=udp dst-port=7000 action=drop disabled=yes
add chain=forward dst-address=218.16.125.227/32 action=drop disabled=yes
add chain=forward dst-address=61.143.210.56/32 action=drop disabled=yes
add chain=forward dst-address=218.16.125.226/32 action=drop disabled=yes
add chain=forward dst-address=61.129.115.206/32 action=drop disabled=yes
add chain=forward dst-address=61.145.114.33/32 action=drop disabled=yes
# RF online
add chain=forward dst-address=218.30.85.16/32 dst-port=8888 action=accept comment="RF online"
add chain=forward dst-address=59.34.215.133/32 dst-port=8888 action=accept
add chain=forward dst-address=60.28.26.66/32 dst-port=8888 action=accept
# 比特精灵
add chain=forward protocol=tcp dst-port=16881 action=drop comment="downP2P BitSpirit"
add chain=forward protocol=tcp dst-port=6881-6890 action=drop
add chain=forward protocol=tcp dst-port=8881-8890 action=drop
add chain=forward protocol=udp dst-port=16881 action=drop
add chain=forward protocol=udp dst-port=6881-6890 action=drop
add chain=forward protocol=udp dst-port=8881-8890 action=drop
# 宝酷
add chain=forward protocol=tcp dst-port=6346 action=drop comment="downP2P BaoCue"
add chain=forward protocol=tcp dst-port=11300 action=drop
add chain=forward dst-address=61.172.197.196/32 action=drop
add chain=forward dst-address=218.1.14.3/32 action=drop
add chain=forward dst-address=218.1.14.4/32 action=drop
add chain=forward dst-address=218.1.14.9/32 action=drop
add chain=forward dst-address=61.172.197.209/32 action=drop
add chain=forward dst-address=61.172.197.197/32 action=drop
add chain=forward dst-address=218.1.14.5/32 action=drop
add chain=forward dst-address=218.5.72.118/32 action=drop
add chain=forward dst-address=61.172.197.196/32 action=drop
# 百度下吧
add chain=forward protocol=tcp dst-port=11000 action=drop comment="downP2P BaiDuXiaBa" disabled=yes
add chain=forward dst-address=202.108.249.171/32 action=drop
禁止PPlive网络电视在线观看
/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
add chain=forward protocol=tcp dst-port=8008 action=drop comment="P2PTV PPlive"
add chain=forward protocol=udp dst-port=4004 action=drop
禁止QQ旋风下载
/ ip firewall address-list
add list="BlockadeQqXuanFeng" address=124.115.5.173 comment="" disabled=no
add list="BlockadeQqXuanFeng" address=119.147.18.173 comment="" disabled=no
add list="BlockadeQqXuanFeng" address=117.95.243.97 comment="" disabled=no
add list="BlockadeQqXuanFeng" address=124.115.0.180 comment="" disabled=no
/ ip firewall filter
add chain=forward dst-address-list="BlockadeQqXuanFeng" action=drop comment="BlockadeQqXuanFeng" disabled=no
禁止QQ聊天脚本(禁止QQ登录,不影响腾讯其它业务及网站)
/ ip firewall filter
add chain=forward protocol=tcp dst-port=8008 action=drop comment="QQServer"
add chain=forward protocol=udp dst-port=8000 action=drop
add chain=forward dst-address=61.144.238.0/24 action=drop
add chain=forward dst-address=61.152.100.0/24 action=drop
add chain=forward dst-address=61.141.194.0/24 action=drop
add chain=forward dst-address=202.96.170.163/32 action=drop
add chain=forward dst-address=202.104.129.0/24 action=drop
add chain=forward dst-address=202.104.193.20/32 action=drop
add chain=forward dst-address=202.104.193.11/32 action=drop
add chain=forward dst-address=202.104.193.12/32 action=drop
add chain=forward dst-address=218.17.209.23/32 action=drop
add chain=forward dst-address=218.18.95.153/32 action=drop
add chain=forward dst-address=218.18.95.165/32 action=drop
add chain=forward dst-address=218.18.95.220/32 action=drop
add chain=forward dst-address=218.85.138.70/32 action=drop
add chain=forward dst-address=219.133.38.0/24 action=drop
add chain=forward dst-address=219.133.49.0/24 action=drop
add chain=forward dst-address=220.133.40.0/24 action=drop
add chain=forward content=sz.tencent.com action=reject
add chain=forward content=sz2.tencent.com action=reject
add chain=forward content=sz3.tencent.com action=reject
add chain=forward content=sz4.tencent.com action=reject
add chain=forward content=sz5.tencent.com action=reject
add chain=forward content=sz6.tencent.com action=reject
add chain=forward content=sz7.tencent.com action=reject
add chain=forward content=sz8.tencent.com action=rejec
add chain=forward content=sz9.tencent.com action=rejec
add chain=forward content=tcpconn.tencent.com action=reject
add chain=forward content=tcpconn2.tencent.com action=reject
add chain=forward content=tcpconn3.tencent.com action=reject
add chain=forward content=tcpconn4.tencent.com action=reject
add chain=forward content=tcpconn5.tencent.com action=reject
add chain=forward content=tcpconn6.tencent.com action=reject
add chain=forward content=tcpconn7.tencent.com action=reject
add chain=forward content=tcpconn8.tencent.com action=reject
add chain=forward content=qq.com action=reject
add chain=forward content=www.qq.com action=reject
禁止腾讯QQ直播
/ ip firewall filter
add chain=input protocol=udp dst-port=137-138 action=drop comment="drop udp137-138"
add chain=forward protocol=udp dst-port=13002-13999 action=drop comment="P2PTV QQ" disabled=yes
推荐防火墙(Firewall)脚本
此脚本包含众多的防火墙策略,屏蔽病毒端口,限制单机连接数,屏蔽木马后门,压制DOS攻击等。
特别说明:非特别情况请不要用此功能,此功能将会影响网页显示。
/ip firewall filter
add action=drop chain=input comment=\
"\B6\AA\C6\FA\B7\C7\B7\A8\C1\AC\BD\D3\CA\FD\BE\DD" connection-state=\
invalid disabled=no
add action=drop chain=input comment=\
"\CF\DE\D6\C6\D7\DChttp\C1\AC\BD\D3\CA\FD\CE\AA20" connection-limit=20,0 \
disabled=no dst-port=80 protocol=tcp
add action=drop chain=input comment=\
"\CC\BD\B2\E2\B2\A2\B6\AA\C6\FA\B6\CB\BF\DA\C9\A8\C3\E8\C1\AC\BD\D3" \
disabled=no protocol=tcp psd=21,3s,3,1
add action=tarpit chain=input comment="\D1\B9\D6\C6DoS\B9\A5\BB\F7" \
connection-limit=3,32 disabled=no protocol=tcp src-address-list=\
black_list
add action=add-src-to-address-list address-list=black_list \
address-list-timeout=1d chain=input comment="\CC\BD\B2\E2DoS\B9\A5\BB\F7" \
connection-limit=10,32 disabled=no protocol=tcp
add action=drop chain=input comment=\
"\B6\AA\C6\FA\B5\F4\B7\C7\B1\BE\B5\D8\CA\FD\BE\DD" disabled=no \
dst-address-type=!local
add action=jump chain=input comment="\CC\F8\D7\AA\B5\BDICMP\C1\B4\B1\ED" \
disabled=no jump-target=ICMP protocol=icmp
add action=accept chain=ICMP comment=\
"Ping\D3\A6\B4\F0\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
icmp-options=0:0-255 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
"Traceroute\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
icmp-options=3:3 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
"MTU\CF\DF\C2\B7\CC\BD\B2\E2\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" \
disabled=no icmp-options=3:4 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
"Ping\C7\EB\C7\F3\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
icmp-options=8:0-255 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment=\
"Trace TTL\CF\DE\D6\C6\CE\AA\C3\BF\C3\EB5\B8\F6\B0\FC" disabled=no \
icmp-options=11:0-255 limit=5,5 protocol=icmp
add action=drop chain=ICMP comment=\
"\B6\AA\C6\FA\B5\F4\C8\CE\BA\CEICMP\CA\FD\BE\DD" disabled=no protocol=\
icmp
add action=drop chain=forward comment=\
"\B6\AA\C6\FA\B7\C7\B7\A8\CA\FD\BE\DD\B0\FC" connection-state=invalid \
disabled=no
add action=drop chain=forward comment=\
"\B6\AA\C6\FA\B5\F4\CB\F9\D3\D0\B7\C7\B5\A5\B2\A5\CA\FD\BE\DD" disabled=\
no src-address-type=!unicast
add action=jump chain=forward comment="\CC\F8\D7\AA\B5\BDICMP\C1\B4\B1\ED" \
disabled=no jump-target=ICMP protocol=icmp
add action=jump chain=forward comment=\
"\CC\F8\D7\AA\B5\BD\B2\A1\B6\BE\C1\B4\B1\ED" disabled=no jump-target=\
virus
add action=drop chain=forward comment=\
"\CF\DE\D6\C6\C3\BF\B8\F6\D6\F7\BB\FATCP\C1\AC\BD\D3\CA\FD\CE\AA80\CC\F5" \
connection-limit=80,32 disabled=no protocol=tcp
add action=accept chain=forward comment=\
"\BD\D3\CA\DC\CB\F9\D3\D0\CA\FD\BE\DD" disabled=no
add action=drop chain=virus comment=DeepThroat.Trojan-1 disabled=no dst-port=\
41 protocol=tcp
add action=drop chain=virus comment=Worm.NetSky.Y@mm disabled=no dst-port=82 \
protocol=tcp
add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-1 disabled=no \
dst-port=113 protocol=tcp
add action=drop chain=virus comment=W33.Korgo.A/B/C/D/E/F-2 disabled=no \
dst-port=2041 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-2 disabled=no dst-port=\
3150 protocol=tcp
add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-3 disabled=no \
dst-port=3067 protocol=tcp
add action=drop chain=virus comment=Backdoor.IRC.Aladdinz.R-1 disabled=no \
dst-port=3422 protocol=tcp
add action=drop chain=virus comment=W32.Korgo.A/B/C/D/E/F-4 disabled=no \
dst-port=6667 protocol=tcp
add action=drop chain=virus comment=Worm.NetSky.S/T/U@mm disabled=no \
dst-port=6789 protocol=tcp
add action=drop chain=virus comment=Back.Orifice.2000.Trojan-1 disabled=no \
dst-port=8787 protocol=tcp
add action=drop chain=virus comment=Back.Orifice.2000.Trojan-2 disabled=no \
dst-port=8879 protocol=tcp
add action=drop chain=virus comment=W32.Dabber.A/B-2 disabled=no dst-port=\
8967 protocol=tcp
add action=drop chain=virus comment=W32.Dabber.A/B-3 disabled=no dst-port=\
9999 protocol=tcp
add action=drop chain=virus comment=Block.NetBus.Trojan-2 disabled=no \
dst-port=20034 protocol=tcp
add action=drop chain=virus comment=GirlFriend.Trojan-1 disabled=no dst-port=\
21554 protocol=tcp
add action=drop chain=virus comment=Back.Orifice.2000.Trojan-3 disabled=no \
dst-port=31666 protocol=tcp
add action=drop chain=virus comment=Backdoor.IRC.Aladdinz.R-2 disabled=no \
dst-port=43958 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-3 disabled=no dst-port=\
999 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-4 disabled=no dst-port=\
6670 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-5 disabled=no dst-port=\
6771 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-6 disabled=no dst-port=\
60000 protocol=tcp
add action=drop chain=virus comment=DeepThroat.Trojan-7 disabled=no dst-port=\
2140 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-1 disabled=no \
dst-port=10067 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-2 disabled=no \
dst-port=10167 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-3 disabled=no \
dst-port=3700 protocol=tcp
add action=drop chain=virus comment=Portal.of.Doom.Trojan-4 disabled=no \
dst-port=9872-9875 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-1 disabled=no \
dst-port=6883 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-2 disabled=no \
dst-port=26274 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-3 disabled=no \
dst-port=4444 protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-4 disabled=no \
dst-port=47262 protocol=tcp
add action=drop chain=virus comment=Eclypse.Trojan-1 disabled=no dst-port=\
3791 protocol=tcp
add action=drop chain=virus comment=Eclypse.Trojan-2 disabled=no dst-port=\
3801 protocol=tcp
add action=drop chain=virus comment=Eclypse.Trojan-3 disabled=no dst-port=\
65390 protocol=tcp
add action=drop chain=virus comment=Y3K.RAT.Trojan-1 disabled=no dst-port=\
5880-5882 protocol=tcp
add action=drop chain=virus comment=Y3K.RAT.Trojan-2 disabled=no dst-port=\
5888-5889 protocol=tcp
add action=drop chain=virus comment=NetSphere.Trojan-1 disabled=no dst-port=\
30100-30103 protocol=tcp
add action=drop chain=virus comment=NetSphere.Trojan-2 disabled=no dst-port=\
30133 protocol=tcp
add action=drop chain=virus comment=NetMonitor.Trojan-1 disabled=no dst-port=\
7300-7301 protocol=tcp
add action=drop chain=virus comment=NetMonitor.Trojan-2 disabled=no dst-port=\
7306-7308 protocol=tcp
add action=drop chain=virus comment=FireHotcker.Trojan-1 disabled=no \
dst-port=79 protocol=tcp
add action=drop chain=virus comment=FireHotcker.Trojan-2 disabled=no \
dst-port=5031 protocol=tcp
add action=drop chain=virus comment=FireHotcker.Trojan-3 disabled=no \
dst-port=5321 protocol=tcp
add action=drop chain=virus comment=TheThing.Trojan-1 disabled=no dst-port=\
6400 protocol=tcp
add action=drop chain=virus comment=GateCrasher.Trojan-1 disabled=no \
dst-port=1047 protocol=tcp
add action=drop chain=virus comment=GateCrasher.Trojan-2 disabled=no \
dst-port=6969-6970 protocol=tcp
add action=drop chain=virus comment=SubSeven-1 disabled=no dst-port=2774 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-2 disabled=no dst-port=27374 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-3 disabled=no dst-port=1243 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-4 disabled=no dst-port=1234 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-5 disabled=no dst-port=6711-6713 \
protocol=tcp
add action=drop chain=virus comment=SubSeven-7 disabled=no dst-port=16959 \
protocol=tcp
add action=drop chain=virus comment=Moonpie.Trojan-1 disabled=no dst-port=\
25685-25686 protocol=tcp
add action=drop chain=virus comment=Moonpie.Trojan-2 disabled=no dst-port=\
25982 protocol=tcp
add action=drop chain=virus comment=NetSpy.Trojan-3 disabled=no dst-port=\
31337-31339 protocol=tcp
add action=drop chain=virus comment=Trojan disabled=no dst-port=8102 \
protocol=tcp
add action=drop chain=virus comment=WAY.Trojan disabled=no dst-port=8011 \
protocol=tcp
add action=drop chain=virus comment=Trojan.BingHe disabled=no dst-port=7626 \
protocol=tcp
add action=drop chain=virus comment=Trojan.NianSeHoYian disabled=no dst-port=\
19191 protocol=tcp
add action=drop chain=virus comment=NetBull.Trojan disabled=no dst-port=\
23444-23445 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-1 disabled=no dst-port=\
2583 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-2 disabled=no dst-port=\
3024 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-3 disabled=no dst-port=\
4092 protocol=tcp
add action=drop chain=virus comment=WinCrash.Trojan-4 disabled=no dst-port=\
5714 protocol=tcp
add action=drop chain=virus comment=Doly1.0/1.35/1.5trojan-1 disabled=no \
dst-port=1010-1012 protocol=tcp
add action=drop chain=virus comment=Doly1.0/1.35/1.5trojan-2 disabled=no \
dst-port=1015 protocol=tcp
add action=drop chain=virus comment=TransScout.Trojan-1 disabled=no dst-port=\
2004-2005 protocol=tcp
add action=drop chain=virus comment=TransScout.Trojan-2 disabled=no dst-port=\
9878 protocol=tcp
add action=drop chain=virus comment=Backdoor.YAI..Trojan-1 disabled=no \
dst-port=2773 protocol=tcp
add action=drop chain=virus comment=Backdoor.YAI.Trojan-2 disabled=no \
dst-port=7215 protocol=tcp
add action=drop chain=virus comment=Backdoor.YAI.Trojan-3 disabled=no \
dst-port=54283 protocol=tcp
add action=drop chain=virus comment=BackDoorTrojan-1 disabled=no dst-port=\
1003 protocol=tcp
add action=drop chain=virus comment=BackDoorTrojan-2 disabled=no dst-port=\
5598 protocol=tcp
add action=drop chain=virus comment=BackDoorTrojan-3 disabled=no dst-port=\
5698 protocol=tcp
add action=drop chain=virus comment=SchainwindlerTrojan-2 disabled=no \
dst-port=31554 protocol=tcp
add action=drop chain=virus comment=Shaft.DDoS.Trojan-1 disabled=no dst-port=\
18753 protocol=tcp
add action=drop chain=virus comment=Shaft.DDoS.Trojan-2 disabled=no dst-port=\
20432 protocol=tcp
add action=drop chain=virus comment=Devil.DDoS.Trojan disabled=no dst-port=\
65000 protocol=tcp
add action=drop chain=virus comment=LatinusTrojan-1 disabled=no dst-port=\
11831 protocol=tcp
add action=drop chain=virus comment=LatinusTrojan-2 disabled=no dst-port=\
29559 protocol=tcp
add action=drop chain=virus comment=Snid.X2Trojan-1 disabled=no dst-port=1784 \
protocol=tcp
add action=drop chain=virus comment=Snid.X2Trojan-2 disabled=no dst-port=3586 \
protocol=tcp
add action=drop chain=virus comment=Snid.X2Trojan-3 disabled=no dst-port=7609 \
protocol=tcp
add action=drop chain=virus comment=BionetTrojan-1 disabled=no dst-port=\
12348-12349 protocol=tcp
add action=drop chain=virus comment=BionetTrojan-2 disabled=no dst-port=12478 \
protocol=tcp
add action=drop chain=virus comment=BionetTrojan-3 disabled=no dst-port=57922 \
protocol=tcp
add action=drop chain=virus comment=Worm.Novarg.a.Mydoom.a1. disabled=no \
dst-port=3127 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.a.Bagle.a. disabled=no \
dst-port=6777 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.b disabled=no dst-port=8866 \
protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.c-g/j-l disabled=no \
dst-port=2745 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.p/q/r/n disabled=no \
dst-port=2556 protocol=tcp
add action=drop chain=virus comment=Worm.BBEagle.m-2 disabled=no dst-port=\
20742 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.s/t/u/v disabled=no \
dst-port=4751 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.aa/ab/w/x-z-2 disabled=no \
dst-port=2535 protocol=tcp
add action=drop chain=virus comment=Worm.LovGate.r.RpcExploit disabled=no \
dst-port=5238 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.a disabled=no dst-port=1068 \
protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.b/c/f disabled=no dst-port=\
5554 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.b/c/f disabled=no dst-port=\
9996 protocol=tcp
add action=drop chain=virus comment=Worm.Sasser.d disabled=no dst-port=9995 \
protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.a/b/c/d disabled=no \
dst-port=10168 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.v.QQ disabled=no dst-port=\
20808 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.f/g disabled=no dst-port=\
1092 protocol=tcp
add action=drop chain=virus comment=Worm.Lovgate.f/g disabled=no dst-port=\
20168 protocol=tcp
add action=drop chain=virus comment=ndm.requester disabled=no dst-port=\
1363-1364 protocol=tcp
add action=drop chain=virus comment=screen.cast disabled=no dst-port=1368 \
protocol=tcp
add action=drop chain=virus comment=hromgrafx disabled=no dst-port=1373 \
protocol=tcp
add action=drop chain=virus comment=cichainlid disabled=no dst-port=1377 \
protocol=tcp
add action=drop chain=virus comment=Backdoor.Optixprotocol disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=virus comment=Worm.BBeagle.b disabled=no dst-port=8888 \
protocol=tcp
add action=drop chain=virus comment=Delta.Source.Trojan-7 disabled=no \
dst-port=44444 protocol=udp
add action=drop chain=virus comment=Worm.Sobig.f-3 disabled=no dst-port=8998 \
protocol=udp
add action=drop chain=virus comment=Worm.Sobig.f-1 disabled=no dst-port=123 \
protocol=udp
add action=drop chain=virus comment=Worm.Novarg.a.Mydoom.a2. disabled=no \
dst-port=3198 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
139 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
135 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
445 protocol=tcp
© 版权声明
这些信息可能会帮助到你: 下载帮助 | 免责说明 | 进站必看 | 广告投放
版权声明:本文采用知识共享 署名4.0国际许可协议 BY-NC-SA 4.0 进行授权文章名称:《ROS防火墙的各种脚本》
文章链接:https://www.jsksky.com/routeros-firewall-script.html
免责声明:根据《计算机软件保护条例》第十七条规定“为了学习和研究软件内含的设计思想和原理,通过安装、显示、传输或者存储软件等方式使用软件的,可以不经软件著作权人许可,不向其支付报酬。”您需知晓本站所有内容资源均来源于网络,仅供用户交流学习与研究使用,版权归属原版权方所有,版权争议与本站无关,用户本人下载后不能用作商业或非法用途,需在24个小时之内从您的电脑中彻底删除上述内容,否则后果均由用户承担责任;如果您访问和下载此文件,表示您同意只将此文件用于参考、学习而非其他用途,否则一切后果请您自行承担,如果您喜欢该程序,请支持正版软件,购买注册,得到更好的正版服务。
本站为个人博客非盈利性站点,所有软件信息均来自网络,所有资源仅供学习参考研究目的,并不贩卖软件,不存在任何商业目的及用途,部分软件收费或网站会员捐赠是您喜欢本站而产生的赞助支持行为,仅为维持服务器的开支与维护,全凭自愿无任何强求。
THE END
请登录后发表评论
注册
社交帐号登录