2.9系列 ROS 防火墙
Filed Under routeros专题
jan/12/2006 21:47:17 by RouterOS 2.9.7
# software id = 3FMQ-Z6N
#
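# RouterOS 2.9 filter export. The blog copy lost the export's line continuations, so each rule is
# written on one line here; pasted like this it imports cleanly.
/ ip firewall filter
# --- input chain: traffic addressed to the router itself ---
# Sources in black_list are dropped before anything else, including their established flows.
add chain=input src-address-list=black_list action=drop comment="Drop Black list 屏蔽黑名单IP " disabled=no
add chain=input connection-state=invalid action=drop comment="drop invalid packets" disabled=no
add chain=input connection-state=related action=accept comment="accept related packets" disabled=no
add chain=input connection-state=established action=accept comment="accept established packets" disabled=no
# psd only drops the offending packet; the scanning source is not added to black_list.
add chain=input protocol=tcp psd=21,3s,3,1 action=drop comment="detect and drop port scan connections" disabled=no
# Unreachable: the first rule already drops every black_list source, so no packet gets this far.
# Remove it, or move it above the drop if tarpitting (which holds connection state on the router)
# is actually wanted.
add chain=input protocol=tcp connection-limit=3,32 src-address-list=black_list action=tarpit comment="suppress DoS attack" disabled=no
# A source /32 that exceeds the connection-limit of 10 TCP connections to the router is
# blacklisted for a day. A NAT gateway or a busy admin host can trip this; exempt management
# addresses above this rule if that is a concern.
add chain=input protocol=tcp connection-limit=10,32 action=add-src-to-address-list address-list=black_list address-list-timeout=1d comment="detect DoS attack" disabled=no
add chain=input dst-address-type=!local action=drop comment="drop all that is not to local" disabled=no
add chain=input protocol=icmp action=jump jump-target=ICMP comment="jump to chain ICMP" disabled=no
add chain=input action=jump jump-target=services comment="Jump to service" disabled=no
add chain=input action=jump jump-target=virus comment="jump to Virus" disabled=no
# No terminal rule: a packet that comes back from the jumps unmatched is accepted by the chain's
# implicit policy, so the disabled entries in the services chain do not actually close anything.
# Added disabled so it can be switched on once the services chain allows what this router needs
# (the export on this page is truncated, so check that a later rule does not already do this).
add chain=input action=drop comment="default deny (enable after services chain is complete)" disabled=yes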
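# --- ICMP chain (entered from input and forward) ---
# Each accepted type/code is rate-limited with limit=5,5 (count,burst).
add chain=ICMP protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept comment="0:0 and limit for 5pac/s" disabled=no
add chain=ICMP protocol=icmp icmp-options=3:3 limit=5,5 action=accept comment="3:3 and limit for 5pac/s" disabled=no
add chain=ICMP protocol=icmp icmp-options=3:4 limit=5,5 action=accept comment="3:4 and limit for 5pac/s" disabled=no
add chain=ICMP protocol=icmp icmp-options=8:0-255 limit=5,5 action=accept comment="8:0 and limit for 5pac/s" disabled=no
add chain=ICMP protocol=icmp icmp-options=11:0-255 limit=5,5 action=accept comment="11:0 and limit for 5pac/s" disabled=no
# Without a terminal rule, over-limit and unlisted ICMP returns to the calling chain, and in the
# visible export neither input nor forward ends with a drop, so the limits above had no effect.
# This rule makes the chain mean what it says.
add chain=ICMP action=drop comment="drop other ICMP and anything over the limit" disabled=no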
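# --- services chain: what the router itself answers (entered from input) ---
# Everything here is disabled except winbox and loopback; enable only what this router serves.
# Winbox is reachable from any source; consider adding src-address-list=<management hosts> here.
add chain=services protocol=tcp dst-port=8291 action=accept comment="Allow winbox" disabled=no
# Plaintext management (ftp, telnet, http) stays disabled; use ssh/https/winbox instead.
add chain=services protocol=tcp dst-port=20-21 action=accept comment="allow ftp" disabled=yes
add chain=services protocol=tcp dst-port=8080 action=accept comment="allow Web Proxy" disabled=yes
add chain=services src-address=127.0.0.1 dst-address=127.0.0.1 action=accept comment="accept localhost" disabled=no
add chain=services protocol=tcp dst-port=22 action=accept comment="allow sftp, ssh" disabled=yes
add chain=services protocol=tcp dst-port=23 action=accept comment="allow telnet" disabled=yes
add chain=services protocol=tcp dst-port=80 action=accept comment="allow http, webbox" disabled=yes
add chain=services protocol=udp dst-port=20561 action=accept comment="allow MACwinbox " disabled=yes
add chain=services protocol=tcp dst-port=2000 action=accept comment="Bandwidth server" disabled=yes
add chain=services protocol=udp dst-port=5678 action=accept comment=" MT Discovery Protocol" disabled=yes
# If DNS is enabled, restrict it with in-interface= to the LAN side; answering everyone on the
# WAN side makes the router an open resolver.
add chain=services protocol=tcp dst-port=53 action=accept comment="allow DNS request" disabled=yes
add chain=services protocol=udp dst-port=53 action=accept comment="Allow DNS request" disabled=yes
add chain=services protocol=udp dst-port=1701 action=accept comment="allow L2TP" disabled=yes
add chain=services protocol=tcp dst-port=1723 action=accept comment="allow PPTP" disabled=yes
add chain=services protocol=gre action=accept comment="allow PPTP and EoIP" disabled=yes
add chain=services protocol=ipencap action=accept comment="allow IPIP" disabled=yes
add chain=services protocol=udp dst-port=1900 action=accept comment="UPnP" disabled=yes
add chain=services protocol=tcp dst-port=2828 action=accept comment="UPnP" disabled=yes
add chain=services protocol=udp dst-port=67-68 action=accept comment="allow DHCP" disabled=yes
# NTP (123) and SNMP (161) are UDP services; with protocol=tcp on these ports, enabling the rules
# would not have let either service through.
add chain=services protocol=udp dst-port=123 action=accept comment="allow NTP" disabled=yes
add chain=services protocol=udp dst-port=161 action=accept comment="allow SNMP" disabled=yes
add chain=services protocol=tcp dst-port=443 action=accept comment="allow https for Hotspot" disabled=yes
add chain=services protocol=tcp dst-port=1080 action=accept comment="allow Socks for Hotspot" disabled=yes
add chain=services protocol=udp dst-port=500 action=accept comment="allow IPSec connections" disabled=yes
add chain=services protocol=ipsec-esp action=accept comment="allow IPSec" disabled=yes
add chain=services protocol=ipsec-ah action=accept comment="allow IPSec" disabled=yes
add chain=services protocol=tcp dst-port=179 action=accept comment="Allow BGP" disabled=yes
add chain=services protocol=udp dst-port=520-521 action=accept comment="allow RIP" disabled=yes
add chain=services protocol=ospf action=accept comment="allow OSPF" disabled=yes
# The comment says BGP, but BGP is tcp/179 (the rule above); udp/5000-5100 is something else.
# Relabel it before enabling so the intent is clear.
add chain=services protocol=udp dst-port=5000-5100 action=accept comment="allow BGP" disabled=yes
add chain=services protocol=tcp dst-port=1720 action=accept comment="allow Telephony" disabled=yes
add chain=services protocol=udp dst-port=1719 action=accept comment="allow Telephony" disabled=yes
add chain=services protocol=vrrp action=accept comment="allow VRRP " disabled=yes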
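# --- forward chain (head) and output chain ---
add chain=forward connection-state=invalid action=drop comment="drop invalid packets" disabled=no
# The p2p matcher is the maintainable way to block P2P. It is disabled here, and the long
# per-address drop list further down is disabled too, so no P2P blocking is active in this export.
add chain=forward p2p=all-p2p action=drop comment="Drop BT and All P2P" disabled=yes
add chain=output connection-state=invalid action=drop comment="drop invalid packets" disabled=no
add chain=output connection-state=related action=accept comment="accept related packets" disabled=no
add chain=output connection-state=established action=accept comment="accept established packets" disabled=no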
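# --- virus chain, TCP part: per-port drops for worm/backdoor ports (entered from input and forward) ---
# The rules match on dst-port alone. Entered from forward while forward's own established/related
# accepts are disabled, they also see reply packets, whose dst-port is the client's ephemeral
# port; ranges such as 1000-1001, 1010-1012, 1024-1030, 1033, 1047, 1068, 1092 and 3127-3198
# then drop legitimate replies. The two rules below hand established/related flows straight back
# to the caller, so only the first packet of a flow is judged by the port list.
add chain=virus connection-state=established action=return comment="virus: skip established flows" disabled=no
add chain=virus connection-state=related action=return comment="virus: skip related flows" disabled=no
add chain=virus protocol=tcp dst-port=135-139 action=drop comment="" disabled=no
add chain=virus protocol=tcp dst-port=82 action=drop comment="Worm.NetSky.Y@mm" disabled=no
add chain=virus protocol=tcp dst-port=113 action=drop comment="W32.Korgo.A/B/C/D/E/F-1" disabled=no
add chain=virus protocol=tcp dst-port=2041 action=drop comment="W33.Korgo.A/B/C/D/E/F-2" disabled=no
add chain=virus protocol=tcp dst-port=3067 action=drop comment="W32.Korgo.A/B/C/D/E/F-3" disabled=no
add chain=virus protocol=tcp dst-port=6667 action=drop comment="W32.Korgo.A/B/C/D/E/F-4" disabled=no
add chain=virus protocol=tcp dst-port=445 action=drop comment="W32.Korgo.A/B/C/D/E/F-5" disabled=no
add chain=virus protocol=tcp dst-port=1000-1001 action=drop comment="Backdoor.Nibu.B-1" disabled=no
add chain=virus protocol=tcp dst-port=2283 action=drop comment="Backdoor.Nibu.B-2" disabled=no
add chain=virus protocol=tcp dst-port=10000 action=drop comment="Backdoor.Nibu.E/G/H" disabled=no
add chain=virus protocol=tcp dst-port=3422 action=drop comment="Backdoor.IRC.Aladinz.R-1" disabled=no
add chain=virus protocol=tcp dst-port=43958 action=drop comment="Backdoor.IRC.Aladinz.R-2" disabled=no
add chain=virus protocol=tcp dst-port=5554 action=drop comment="W32.Dabber.A/B-1" disabled=no
add chain=virus protocol=tcp dst-port=8967 action=drop comment="W32.Dabber.A/B-2" disabled=no
add chain=virus protocol=tcp dst-port=6789 action=drop comment="Worm.NetSky.S/T/U@mm" disabled=no
add chain=virus protocol=tcp dst-port=8787 action=drop comment="Back.Orifice.2000.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=8879 action=drop comment="Back.Orifice.2000.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=31666 action=drop comment="Back.Orifice.2000.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=31337-31338 action=drop comment="Back.Orifice.2000.Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=54320-54321 action=drop comment="Back.Orifice.2000.Trojan-5" disabled=no
add chain=virus protocol=tcp dst-port=12345-12346 action=drop comment="Block.NetBus.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=20034 action=drop comment="Block.NetBus.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=21554 action=drop comment="GirlFriend.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=41 action=drop comment="DeepThroat.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3150 action=drop comment="DeepThroat.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=999 action=drop comment="DeepThroat.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=6670 action=drop comment="DeepThroat.Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=6771 action=drop comment="DeepThroat.Trojan-5" disabled=no
add chain=virus protocol=tcp dst-port=60000 action=drop comment="DeepThroat.Trojan-6" disabled=no
add chain=virus protocol=tcp dst-port=2140 action=drop comment="DeepThroat.Trojan-7" disabled=no
add chain=virus protocol=tcp dst-port=10067 action=drop comment="Portal.of.Doom.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=10167 action=drop comment="Portal.of.Doom.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=3700 action=drop comment="Portal.of.Doom.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=9872-9875 action=drop comment="Portal.of.Doom.Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=6883 action=drop comment="Delta.Source.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=26274 action=drop comment="Delta.Source.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=4444 action=drop comment="Delta.Source.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=47262 action=drop comment="Delta.Source.Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=3791 action=drop comment="Eclypse.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3801 action=drop comment="Eclypse.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=65390 action=drop comment="Eclypse.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=5880-5882 action=drop comment="Y3K.RAT.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=5888-5889 action=drop comment="Y3K.RAT.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=30100-30103 action=drop comment="NetSphere.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=30133 action=drop comment="NetSphere.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=7300-7301 action=drop comment="NetMonitor.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=7306-7308 action=drop comment="NetMonitor.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=79 action=drop comment="FireHotcker.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=5031 action=drop comment="FireHotcker.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=5321 action=drop comment="FireHotcker.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=6400 action=drop comment="TheThing.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=1047 action=drop comment="GateCrasher.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=6969-6970 action=drop comment="GateCrasher.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=2774 action=drop comment="SubSeven-1" disabled=no
add chain=virus protocol=tcp dst-port=27374 action=drop comment="SubSeven-2" disabled=no
add chain=virus protocol=tcp dst-port=1243 action=drop comment="SubSeven-3" disabled=no
add chain=virus protocol=tcp dst-port=1234 action=drop comment="SubSeven-4" disabled=no
add chain=virus protocol=tcp dst-port=6711-6713 action=drop comment="SubSeven-5" disabled=no
add chain=virus protocol=tcp dst-port=16959 action=drop comment="SubSeven-7" disabled=no
# 11000 is also a game login port; the follow-up notes on this page report it breaking a game.
add chain=virus protocol=tcp dst-port=11000 action=drop comment="Senna.Spy.Trojan-1 洛奇" disabled=no
add chain=virus protocol=tcp dst-port=25685-25686 action=drop comment="Moonpie.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=25982 action=drop comment="Moonpie.Trojan-2" disabled=no
# 1024-1030 is inside the ephemeral range; without the return rules at the top of this chain it
# would also catch replies to ordinary client connections.
add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment="NetSpy.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=1033 action=drop comment="NetSpy.Trojan-2" disabled=no
# Overlaps 31337-31338 above; 7306 below is inside 7306-7308 above and 5554 further down repeats
# the Dabber rule. Harmless, but the duplicates only split the counters.
add chain=virus protocol=tcp dst-port=31337-31339 action=drop comment="NetSpy.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=8102 action=drop comment="Trojan" disabled=no
add chain=virus protocol=tcp dst-port=7306 action=drop comment="Netspy3.0Trojan" disabled=no
add chain=virus protocol=tcp dst-port=8011 action=drop comment="WAY.Trojan" disabled=no
add chain=virus protocol=tcp dst-port=7626 action=drop comment="Trojan.BingHe" disabled=no
add chain=virus protocol=tcp dst-port=19191 action=drop comment="Trojan.NianSeHoYian" disabled=no
add chain=virus protocol=tcp dst-port=23444-23445 action=drop comment="NetBull.Trojan" disabled=no
add chain=virus protocol=tcp dst-port=2583 action=drop comment="WinCrash.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3024 action=drop comment="WinCrash.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=4092 action=drop comment="WinCrash.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=5714 action=drop comment="WinCrash.Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=1010-1012 action=drop comment="Doly1.0/1.35/1.5trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=1015 action=drop comment="Doly1.0/1.35/1.5trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=1999 action=drop comment="TransScout.Trojan-1 " disabled=no
add chain=virus protocol=tcp dst-port=9878 action=drop comment="TransScout.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=2773 action=drop comment="Backdoor.YAI..Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=7215 action=drop comment="Backdoor.YAI.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=54283 action=drop comment="Backdoor.YAI.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=1003 action=drop comment="BackDoorTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=5598 action=drop comment="BackDoorTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=5698 action=drop comment="BackDoorTrojan-3" disabled=no
add chain=virus protocol=tcp dst-port=2716 action=drop comment="PrayerTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=21544 action=drop comment="SchwindlerTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=31554 action=drop comment="SchwindlerTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=18753 action=drop comment="Shaft.DDoS.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=20432 action=drop comment="Shaft.DDoS.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=65000 action=drop comment="Devil.DDoS.Trojan" disabled=no
add chain=virus protocol=tcp dst-port=11831 action=drop comment="LatinusTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=29559 action=drop comment="LatinusTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=1784 action=drop comment="Snid.X2Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3586 action=drop comment="Snid.X2Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=7609 action=drop comment="Snid.X2Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=12348-12349 action=drop comment="BionetTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=12478 action=drop comment="BionetTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=57922 action=drop comment="BionetTrojan-3" disabled=no
# 72 ports, including 3128 (the usual HTTP-proxy port): new outbound connections to any such
# service are dropped as well. Narrow it if that matters on this network.
add chain=virus protocol=tcp dst-port=3127-3198 action=drop comment="Worm.Novarg.a.Mydoom.a.-1" disabled=no
add chain=virus protocol=tcp dst-port=6777 action=drop comment="Worm.BBeagle.a.Bagle.a." disabled=no
add chain=virus protocol=tcp dst-port=8866 action=drop comment="Worm.BBeagle.b" disabled=no
add chain=virus protocol=tcp dst-port=2745 action=drop comment="Worm.BBeagle.c-g/j-l" disabled=no
add chain=virus protocol=tcp dst-port=2556 action=drop comment="Worm.BBeagle.p/q/r/n" disabled=no
add chain=virus protocol=tcp dst-port=20742 action=drop comment="Worm.BBEagle.m-2" disabled=no
add chain=virus protocol=tcp dst-port=4751 action=drop comment="Worm.BBeagle.s/t/u/v" disabled=no
add chain=virus protocol=tcp dst-port=2535 action=drop comment="Worm.BBeagle.aa/ab/w/x-z-2" disabled=no
add chain=virus protocol=tcp dst-port=5238 action=drop comment="Worm.LovGate.r.RpcExploit" disabled=no
add chain=virus protocol=tcp dst-port=1068 action=drop comment="Worm.Sasser.a" disabled=no
add chain=virus protocol=tcp dst-port=5554 action=drop comment="Worm.Sasser.b/c/f" disabled=no
add chain=virus protocol=tcp dst-port=9996 action=drop comment="Worm.Sasser.b/c/f" disabled=no
add chain=virus protocol=tcp dst-port=9995 action=drop comment="Worm.Sasser.d" disabled=no
add chain=virus protocol=tcp dst-port=10168 action=drop comment="Worm.Lovgate.a/b/c/d" disabled=no
add chain=virus protocol=tcp dst-port=20808 action=drop comment="Worm.Lovgate.v.QQ" disabled=no
add chain=virus protocol=tcp dst-port=1092 action=drop comment="Worm.Lovgate.f/g" disabled=no
add chain=virus protocol=tcp dst-port=20168 action=drop comment="Worm.Lovgate.f/g" disabled=no
# The next two carry no comment in the export; label them so the reason survives the next review.
add chain=virus protocol=tcp dst-port=593 action=drop comment="" disabled=no
add chain=virus protocol=tcp dst-port=1214 action=drop comment="" disabled=no
add chain=virus protocol=tcp dst-port=1363-1364 action=drop comment="ndm.requester" disabled=no
add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen.cast" disabled=no
add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx" disabled=no
add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid" disabled=no
add chain=virus protocol=tcp dst-port=3410 action=drop comment="Backdoor.OptixPro" disabled=no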
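# --- virus chain, UDP part ---
add chain=virus protocol=udp dst-port=135-139 action=drop comment="" disabled=no
add chain=virus protocol=udp dst-port=8787 action=drop comment="Back.Orifice.2000.Trojan-6" disabled=no
add chain=virus protocol=udp dst-port=8879 action=drop comment="Back.Orifice.2000.Trojan-7" disabled=no
add chain=virus protocol=udp dst-port=31666 action=drop comment="Back.Orifice.2000.Trojan-8" disabled=no
add chain=virus protocol=udp dst-port=31337-31338 action=drop comment="Back.Orifice.2000.Trojan-9" disabled=no
add chain=virus protocol=udp dst-port=54320-54321 action=drop comment="Back.Orifice.2000.Trojan-10" disabled=no
add chain=virus protocol=udp dst-port=12345-12346 action=drop comment="Block.NetBus.Trojan-3" disabled=no
add chain=virus protocol=udp dst-port=20034 action=drop comment="Block.NetBus.Trojan-4" disabled=no
add chain=virus protocol=udp dst-port=21554 action=drop comment="GirlFriend.Trojan-2" disabled=no
add chain=virus protocol=udp dst-port=41 action=drop comment="DeepThroat.Trojan-8" disabled=no
add chain=virus protocol=udp dst-port=3150 action=drop comment="DeepThroat.Trojan-9" disabled=no
add chain=virus protocol=udp dst-port=999 action=drop comment="DeepThroat.Trojan-10" disabled=no
add chain=virus protocol=udp dst-port=6670 action=drop comment="DeepThroat.Trojan-11" disabled=no
add chain=virus protocol=udp dst-port=6771 action=drop comment="DeepThroat.Trojan-12" disabled=no
add chain=virus protocol=udp dst-port=60000 action=drop comment="DeepThroat.Trojan-13" disabled=no
add chain=virus protocol=udp dst-port=10067 action=drop comment="Portal.of.Doom.Trojan-5" disabled=no
add chain=virus protocol=udp dst-port=10167 action=drop comment="Portal.of.Doom.Trojan-6" disabled=no
add chain=virus protocol=udp dst-port=3700 action=drop comment="Portal.of.Doom.Trojan-7" disabled=no
add chain=virus protocol=udp dst-port=9872-9875 action=drop comment="Portal.of.Doom.Trojan-8" disabled=no
add chain=virus protocol=udp dst-port=6883 action=drop comment="Delta.Source.Trojan-5" disabled=no
add chain=virus protocol=udp dst-port=26274 action=drop comment="Delta.Source.Trojan-6" disabled=no
add chain=virus protocol=udp dst-port=44444 action=drop comment="Delta.Source.Trojan-7" disabled=no
add chain=virus protocol=udp dst-port=47262 action=drop comment="Delta.Source.Trojan-8" disabled=no
add chain=virus protocol=udp dst-port=3791 action=drop comment="Eclypse.Trojan-1" disabled=no
add chain=virus protocol=udp dst-port=3801 action=drop comment="Eclypse.Trojan-2" disabled=no
add chain=virus protocol=udp dst-port=5880-5882 action=drop comment="Eclypse.Trojan-3" disabled=no
add chain=virus protocol=udp dst-port=5888-5889 action=drop comment="Eclypse.Trojan-4" disabled=no
add chain=virus protocol=udp dst-port=34555 action=drop comment="Trin00.DDoS.Trojan-1" disabled=no
add chain=virus protocol=udp dst-port=35555 action=drop comment="Trin00.DDoS.Trojan-2" disabled=no
add chain=virus protocol=udp dst-port=31338 action=drop comment="NetSpy.DK.Trojan-1" disabled=no
# udp/69 is TFTP; this also stops any legitimate TFTP (e.g. netboot) through the router.
add chain=virus protocol=udp dst-port=69 action=drop comment="Worm.MsBlaster-2" disabled=no
# udp/123 is NTP. Dropping it here stops time sync for every host behind the router (forward)
# and to the router itself (input), so the rule is kept for the record but disabled.
add chain=virus protocol=udp dst-port=123 action=drop comment="Worm.Sobig.f-1" disabled=yes
add chain=virus protocol=udp dst-port=995-998 action=drop comment="Worm.Sobig.f-2" disabled=no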
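# --- forward chain: per-destination drop list for P2P / download / game servers (all disabled) ---
# Blocking by hard-coded server address is brittle: these addresses are from the time of the
# export and will have moved, and the port-only rules (3076-3078, 16881, 5000, 50007) hit
# unrelated applications too (the follow-up notes on this page report game logins failing on
# 3076-3078). Prefer the p2p matcher or address lists with a timeout. 62.241.53.15,
# 61.172.197.196 and 212.179.66.17 each appear more than once below.
add chain=forward dst-address=202.96.155.91 action=drop comment="Drop 讯雷" disabled=yes
add chain=forward dst-address=61.128.198.97 action=drop comment="" disabled=yes
add chain=forward dst-address=61.147.119.204 action=drop comment="" disabled=yes
add chain=forward dst-address=210.22.12.53 action=drop comment="" disabled=yes
add chain=forward protocol=udp dst-port=3076-3078 action=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=3076-3078 action=drop comment="" disabled=yes
add chain=forward dst-address=219.134.132.81 action=drop comment="" disabled=yes
add chain=forward dst-address=221.239.198.157 action=drop comment="" disabled=yes
add chain=forward dst-address=220.166.37.179 action=drop comment="" disabled=yes
add chain=forward dst-address=62.241.53.15 action=drop comment="Drop Emule" disabled=yes
add chain=forward dst-address=218.16.125.227 action=drop comment="DROP Coolgool" disabled=yes
add chain=forward dst-address=61.143.210.56 action=drop comment="" disabled=yes
add chain=forward dst-address=218.16.125.226 action=drop comment="" disabled=yes
add chain=forward dst-address=61.129.115.206 action=drop comment="" disabled=yes
add chain=forward protocol=tcp dst-port=16881 action=drop comment="DROP Bitspirt" disabled=yes
add chain=forward protocol=udp dst-port=16881 action=drop comment="" disabled=yes
add chain=forward dst-address=61.145.126.150 action=drop comment="Baishitong Tool" disabled=yes
add chain=forward dst-address=202.108.156.206 action=drop comment="drop baidu MP3" disabled=yes
add chain=forward protocol=tcp dst-port=50007 action=drop comment="PTC" disabled=yes
# The next two are already covered by the protocol-less 62.241.53.15 rule above.
add chain=forward dst-address=62.241.53.15 protocol=tcp action=drop comment="eDonkey2000" disabled=yes
add chain=forward dst-address=62.241.53.15 protocol=udp action=drop comment="" disabled=yes
add chain=forward dst-address=62.241.53.17 protocol=tcp action=drop comment="" disabled=yes
add chain=forward dst-address=62.241.53.17 protocol=udp action=drop comment="" disabled=yes
add chain=forward dst-address=61.145.118.224 action=drop comment="Poco2005nn" disabled=yes
add chain=forward dst-address=210.192.122.147 action=drop comment="" disabled=yes
add chain=forward dst-address=207.46.196.108 action=drop comment="" disabled=yes
add chain=forward dst-address=61.134.33.5 action=drop comment="Drop (NetFairy 2004)" disabled=yes
add chain=forward dst-address=61.233.75.13 action=drop comment="" disabled=yes
add chain=forward dst-address=61.138.213.251 action=drop comment="" disabled=yes
add chain=forward dst-address=222.240.210.68 action=drop comment="" disabled=yes
add chain=forward dst-address=61.177.95.140 action=drop comment="" disabled=yes
add chain=forward dst-address=61.177.95.137 action=drop comment="" disabled=yes
add chain=forward dst-address=61.172.197.196 action=drop comment="Drop : 6346" disabled=yes
add chain=forward dst-address=218.1.14.3 action=drop comment="" disabled=yes
add chain=forward dst-address=218.1.14.4 action=drop comment="" disabled=yes
add chain=forward dst-address=218.1.14.9 action=drop comment="" disabled=yes
add chain=forward dst-address=61.172.197.209 action=drop comment="" disabled=yes
add chain=forward dst-address=61.172.197.197 action=drop comment="" disabled=yes
add chain=forward dst-address=218.1.14.5 action=drop comment="" disabled=yes
add chain=forward dst-address=218.5.72.118 action=drop comment="" disabled=yes
# Duplicate of the 61.172.197.196 rule above.
add chain=forward dst-address=61.172.197.196 action=drop comment="" disabled=yes
add chain=forward dst-address=211.155.224.67 action=drop comment="Drop " disabled=yes
add chain=forward dst-address=211.91.135.114 action=drop comment="Drop RealLink" disabled=yes
add chain=forward dst-address=221.233.18.180 action=drop comment="" disabled=yes
add chain=forward dst-address=61.145.119.55 action=drop comment="" disabled=yes
add chain=forward dst-address=221.3.132.99 action=drop comment="" disabled=yes
add chain=forward dst-address=219.136.251.56 action=drop comment="Drop " disabled=yes
add chain=forward dst-address=61.149.124.173 action=drop comment="" disabled=yes
add chain=forward dst-address=221.229.241.243 action=drop comment="DROP : 5093 " disabled=yes
add chain=forward dst-address=202.96.137.56 action=drop comment="DROP " disabled=yes
add chain=forward dst-address=218.244.45.67 action=drop comment="DROP :6801 6800 7003nn" disabled=yes
add chain=forward dst-address=220.169.192.145 action=drop comment="" disabled=yes
add chain=forward dst-address=221.233.19.30 action=drop comment="DROP P2P : 9000nn" disabled=yes
add chain=forward dst-address=66.197.13.166 action=drop comment="DROP OPENEXT" disabled=yes
add chain=forward dst-address=210.22.12.245 action=drop comment="" disabled=yes
add chain=forward dst-address=69.93.222.56 action=drop comment="" disabled=yes
# Port-only rules: dst-port 5000 on any destination is far broader than one application.
add chain=forward protocol=tcp dst-port=5000 action=drop comment="DRIP iLink 1.1 :5467 2500 4173 10002 10003" disabled=yes
add chain=forward protocol=udp dst-port=5000 action=drop comment="" disabled=yes
add chain=forward dst-address=210.51.168.13 action=drop comment="DROP DDS 11608" disabled=yes
add chain=forward dst-address=212.179.66.17 action=drop comment="" disabled=yes
add chain=forward dst-address=211.157.105.252 action=drop comment="" disabled=yes
# Same address as two rules above.
add chain=forward dst-address=212.179.66.17 action=drop comment="DROP iMesh 5 4662" disabled=yes
add chain=forward dst-address=212.179.66.24 action=drop comment="" disabled=yes
add chain=forward dst-address=38.117.175.23 action=drop comment="" disabled=yes
add chain=forward dst-address=64.246.15.43 action=drop comment="DROP winmx 5690" disabled=yes
add chain=forward dst-address=211.152.22.9 action=drop comment="DROP Wangku port:2122" disabled=yes
add chain=forward dst-address=211.152.22.101 action=drop comment="" disabled=yes
add chain=forward dst-address=221.192.132.29 action=drop comment="" disabled=yes
add chain=forward dst-address=219.153.0.152 action=drop comment="Drop Pipi Dog" disabled=yes
add chain=forward dst-address=61.145.116.186 action=drop comment="" disabled=yes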
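# --- forward chain (tail) ---
# With these two disabled, every packet of every forwarded flow, replies included, runs through
# the ICMP and virus jumps below. Enabling them gives the chain the usual stateful shape and
# keeps the per-port virus drops from matching reply traffic on ephemeral ports.
add chain=forward connection-state=related action=accept comment="accept related packets" disabled=yes
add chain=forward connection-state=established action=accept comment="accept established packets" disabled=yes
# Anti-spoofing check, currently off.
add chain=forward src-address-type=!unicast action=drop comment="drop all that is not from unicast" disabled=yes
add chain=forward protocol=icmp action=jump jump-target=ICMP comment="jump to chain ICMP" disabled=no
add chain=forward action=jump jump-target=virus comment="jump to virus chain" disabled=no
# Nothing in the visible export restricts new connections arriving from the WAN side toward the
# LAN: whatever is not on a virus port is forwarded. A rule such as
#   add chain=forward connection-state=new in-interface=<WAN interface> action=drop
# placed after the established/related accepts closes that. The export on this page is
# truncated, so check the omitted part before adding it.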
………………………………………………………………………………………………………………………………………………………
(因为超过了50000个字节不得不省略 请下载附件)
注意了，任何防火墙都是一种积累的结果
这个世界上永远没有最好的防火墙，只有更加完善的、不断更新的
这个就需要大家的努力和帮助了
希望使用或者认真看过这个防火墙的朋友，慷慨地提出你的建议和实际使用中的调整方案
因为我坚信
在技术上，保守就意味着被淘汰
—————————————————————————————–
12月30日改进
—————————————————————————————–
非常感谢楼主的共享，我第一时间就放进我的防火墙了，非常好用。综合前几位前辈对游戏端口的问题，也作了修改，现在都没有什么游戏不能进了……
以下我是综合前辈的游戏端口加上了我的一些:
2000端口封闭导致联众无法登陆。
3076-3078端口封闭导致网络游戏“传奇私服”无法进入游戏。
7777端口封闭导致网络游戏“天堂2”无法进入游戏。
11000端口封闭导致网络游戏“洛奇”无法进入游戏。
…….
——————————————————————————————
1月11日
在INPUT里面加入DROP BLACK LIST
把所有ROS判断为DDOS攻击的IP屏蔽直到它停止攻击
附件: 点击下载

Gdzie mozna pobrac template ktory uzyles na swoium blogu ?
You post informative posts. Bookmarked !
I want to start my first website, what blog platform do you use and recommend for me ?
Super-Duper internet site! I’m loving it!! Will occur back again again – taking you feeds also, Gives thanks.
Hello, i just believed i’d publish and let you realize your sites layout is truly messed up about the K-Melon browser.
Couldn’t agree additional! At your success
Super-Duper net web site! I am loving it!! Will come again again – getting you feeds also, Presents Gives thanks.
In General I don’t submit on blogs, but I’d like to express that this place in truth pushed me to try and do so! Incredibly fine submit.
In Common I usually do not post on information sites, but I would like to state that this area in truth pushed me to try and do so! Really good submit.
In exploring for sites linked to world wide web internet hosting and particularly assessment hosting Linux plan web, your web site came up.
Determined you like a fave so I’ll; be again :D
It is nice to finally get a internet site in which the blogger knows what they’re speaking almost.
What an thought! What a idea! Nice…
Super-Duper world wide web internet site! I am loving it!! Will appear back again once again – having you feeds also, Presents Thanks.
Do you workout in such a business? You look to acknowledge a large amount concerning the issue.
Thanks for ones support!
Hello there, i just idea i’d article and let you understand your blogs layout is genuinely messed up on the K-Melon browser.
Do you think, that this cms is good for my first website ?
Very interesting website but you must improve your template graphics.