ubnt解决方案
无线论坛»论坛 无线应用 - 为无线加双飞翔的翅膀 软路由学习和交流 存档 1 ROS防火墙脚本
返回列表
查看: 1576|回复: 2

[RouterOS] ROS防火墙脚本

[复制链接]
用易-小卢

2

回帖

567

积分

52 小时

在线时间

中尉

注册时间
2016-1-6
金币
493 个
威望
0 个
荣誉
0 个
累计签到:35 天
连续签到:0 天
[LV.50]初入江湖
发表于 2016-8-31 17:45
/ ip firewall filter
$ e+ y( s! ]. w$ B8 yadd chain=input connection-state=invalid action=drop \  t3 u8 V7 Z) z. B$ ^" m
comment=”丢弃非法连接packets” disabled=no6 o" }6 l' [) d9 T; X1 ]7 c
add chain=input protocol=tcp dst-port=80 connection-limit=90,0 action=drop \
- G' \: e% |8 l7 c  gcomment=”限制总http连接数为90″ disabled=no" u# A  {9 U1 }' e" C; F: n
add chain=input protocol=tcp psd=21,3s,3,1 action=drop \2 z7 V  w# V: P5 q( P3 \
comment=”探测并丢弃端口扫描连接” disabled=no
9 b5 p6 Q. T5 h6 Cadd chain=input protocol=tcp connection-limit=3,32 src-address-list=black_list \
) Z/ Q: E6 h7 F7 x- N9 maction=tarpit comment=”压制DoS攻击” disabled=no8 k% i( M8 w5 v' Z$ {% }7 a
add chain=input protocol=tcp connection-limit=10,32 \
5 R& o0 k& V6 t* h- }action=add-src-to-address-list address-list=black_list \
' j8 ^+ f6 r! i* H8 Daddress-list-timeout=1d comment=”探测DoS攻击” disabled=no
9 D) R  t! ], D! X; g3 ~, `3 yadd chain=input dst-address-type=!local action=drop comment=”丢弃掉非本地数据” \# b' u) S  |7 M5 o- F
disabled=no$ r; ]8 C% I  f1 |. c/ L5 L
add chain=input src-address-type=!unicast action=drop \
. J9 y7 U1 J1 O0 B4 T* c: Ucomment=”丢弃掉所有非单播数据” disabled=no
0 ?4 V9 E  s# }( y# kadd chain=input protocol=icmp action=jump jump-target=ICMP \
1 |1 j+ c7 x) k7 u- U" j% c2 mcomment=”跳转到ICMP链表” disabled=no
- L% q: X. L+ m- S% G. @; padd chain=input protocol=tcp action=jump jump-target=virus \( C4 U7 Q! G$ T6 l. N- L  O& B/ [; D
comment=”跳转到病毒链表” disabled=no9 {8 W# B2 d- r6 _9 h
add chain=ICMP protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept \! v! t% F9 y5 w# J) U* L) j
comment=”Ping应答限制为每秒5个包” disabled=no6 v  F! u" s) w& z
add chain=ICMP protocol=icmp icmp-options=3:3 limit=5,5 action=accept \& Z% I* E6 S% r
comment=”Traceroute限制为每秒5个包” disabled=no) i: r- o) v& ?/ {0 h5 S8 \
add chain=ICMP protocol=icmp icmp-options=3:4 limit=5,5 action=accept \
& t0 ?2 Z$ g1 B% q/ \$ Icomment=”MTU线路探测限制为每秒5个包” disabled=no$ n3 d3 R# e3 ?5 w; y* [/ z% y) R
add chain=ICMP protocol=icmp icmp-options=8:0-255 limit=5,5 action=accept \8 t0 z- y' Q9 {( E# x
comment=”Ping请求限制为每秒5个包” disabled=no
; F0 }8 J4 p, z5 @4 l% iadd chain=ICMP protocol=icmp icmp-options=11:0-255 limit=5,5 action=accept \
8 k& r4 f3 m, y6 I2 Vcomment=”Trace TTL限制为每秒5个包” disabled=no* {: t2 b0 W0 m
add chain=ICMP protocol=icmp action=drop comment=”丢弃掉任何ICMP数据” \
3 W9 J% F% e3 ?0 Z3 ~, p+ }disabled=no7 s! `6 i, ~0 A0 g  X- b$ d) o
add chain=forward connection-state=established action=accept \
4 T1 f& o0 L( Y, P9 k+ Ucomment=”接受以连接的数据包” disabled=no
9 Z& q: M; d) g/ ?- D" U; J$ Tadd chain=forward connection-state=related action=accept \
3 R" R2 f4 y4 N! C) Bcomment=”接受相关数据包” disabled=no- s' E1 L8 _! c) V! `7 y
add chain=forward connection-state=invalid action=drop \5 |, |& Q' |7 v+ E
comment=”丢弃非法数据包” disabled=no5 {6 w: `" K0 W( s: ~5 |
add chain=forward protocol=tcp connection-limit=50,32 action=drop \' b, a0 Z7 E. S- t5 H4 ?) J4 X
comment=”限制每个主机TCP连接数为50条” disabled=no
8 {% C# l# W+ R/ k+ W& Radd chain=forward src-address-type=!unicast action=drop \
7 q8 a# u) D" Y6 a& a0 f4 `: Pcomment=”丢弃掉所有非单播数据” disabled=no% b$ V" Q0 @! ?( ^+ y2 v
add chain=forward protocol=icmp action=jump jump-target=ICMP \
: V3 m( ?0 d% J4 |7 Q9 z# Kcomment=”跳转到ICMP链表” disabled=no
9 i0 P2 S9 K3 C6 |( I; Yadd chain=forward action=jump jump-target=virus comment=”跳转到病毒链表” \
9 Z5 u/ j2 h  f# M& X8 i! Mdisabled=no! A! p9 N; h9 F7 k
add chain=virus protocol=tcp dst-port=41 action=drop \
4 A) s$ ?& I4 ~6 K: p, kcomment=”DeepThroat.Trojan-1″ disabled=no
8 n3 u( @7 u4 G4 t2 O$ {/ O# Nadd chain=virus protocol=tcp dst-port=82 action=drop \! |/ v1 U1 p, z# ?  e
comment=”Worm.NetSky.Y@mm” disabled=no
. x' A1 _3 J) U; z, O8 H5 nadd chain=virus protocol=tcp dst-port=113 action=drop \8 H) K4 k4 K. i
comment=”W32.Korgo.A/B/C/D/E/F-1″ disabled=no( A" g8 S% m9 S4 X! b
add chain=virus protocol=tcp dst-port=2041 action=drop \
0 W% P% N4 a& L5 y- h: ncomment=”W33.Korgo.A/B/C/D/E/F-2″ disabled=no
2 V/ Q1 G/ G& D( J3 C6 n$ Y" |) nadd chain=virus protocol=tcp dst-port=3150 action=drop \" l2 r) V/ w+ d0 v
comment=”DeepThroat.Trojan-2″ disabled=no; A; [% M- m9 E1 X6 c7 B7 Q+ p* I
add chain=virus protocol=tcp dst-port=3067 action=drop \
" t  i* W2 j8 X) s; t0 Dcomment=”W32.Korgo.A/B/C/D/E/F-3″ disabled=no3 G# o8 g7 k$ f. Q( P9 R9 [! \2 p
add chain=virus protocol=tcp dst-port=3422 action=drop \! {$ ^: N7 q$ P
comment=”Backdoor.IRC.Aladdinz.R-1″ disabled=no
. g5 E& |7 Z7 F0 @8 badd chain=virus protocol=tcp dst-port=6667 action=drop \
5 u! A7 k8 V) A: [' ?comment=”W32.Korgo.A/B/C/D/E/F-4″ disabled=no
/ T* s# }, B6 R$ y! X3 \- ?add chain=virus protocol=tcp dst-port=6789 action=drop \
1 |1 R+ A% f% M# w# |4 Rcomment=”Worm.NetSky.S/T/U@mm” disabled=no) e6 ~# t6 s' @
add chain=virus protocol=tcp dst-port=8787 action=drop \
; i$ \* N( m$ m: |' ycomment=”Back.Orifice.2000.Trojan-1″ disabled=no2 m4 W% ~, {: m8 ^9 ^7 ~( p6 R
add chain=virus protocol=tcp dst-port=8879 action=drop \
( X* N  |6 o7 U, {; H1 ucomment=”Back.Orifice.2000.Trojan-2″ disabled=no* t: f3 h% j8 v! k9 d$ L& V1 z
add chain=virus protocol=tcp dst-port=8967 action=drop \
* X1 z* c% P, V7 ~2 ^' [+ scomment=”W32.Dabber.A/B-2″ disabled=no; ^1 C/ o4 S0 @( O0 c* H) f. H
add chain=virus protocol=tcp dst-port=9999 action=drop \
4 N. F" u0 y1 B( P, [comment=”W32.Dabber.A/B-3″ disabled=no, _2 i$ q* M: C% H9 i0 s8 Z( T
add chain=virus protocol=tcp dst-port=20034 action=drop \: ~) b7 [' r6 u% F, \
comment=”Block.NetBus.Trojan-2″ disabled=no
) T% m% ^% @  \+ i* |; u& wadd chain=virus protocol=tcp dst-port=21554 action=drop \- X8 |: |3 N+ ^3 e; W9 M4 Q" u
comment=”GirlFriend.Trojan-1″ disabled=no
4 q, r6 S1 \( i% P7 r. ^add chain=virus protocol=tcp dst-port=31666 action=drop \, u6 H5 H. t! \3 ~) [* ^7 B' |
comment=”Back.Orifice.2000.Trojan-3″ disabled=no
) {0 o1 N/ k3 F( R6 K. l8 E+ vadd chain=virus protocol=tcp dst-port=43958 action=drop \
" Z. G8 B: c8 m0 M+ [comment=”Backdoor.IRC.Aladdinz.R-2″ disabled=no! ^. p% p( K7 J; f' _" s
add chain=virus protocol=tcp dst-port=999 action=drop \
' g4 f7 J& q8 E6 E) _. _: z$ Kcomment=”DeepThroat.Trojan-3″ disabled=no# I* G& A& `1 r3 o! Y% j- K" P
add chain=virus protocol=tcp dst-port=6670 action=drop \
. p/ V* r) W. q6 ucomment=”DeepThroat.Trojan-4″ disabled=no+ H" x% J' x' W  i1 A
add chain=virus protocol=tcp dst-port=6771 action=drop \  Z+ C9 D2 S8 f" u- x0 v2 ]3 d
comment=”DeepThroat.Trojan-5″ disabled=no# a. H# h% L3 o, j; K! _; Y
add chain=virus protocol=tcp dst-port=60000 action=drop \  ^. T3 O: w: J
comment=”DeepThroat.Trojan-6″ disabled=no
# {8 W) n! S( w8 {) ^add chain=virus protocol=tcp dst-port=2140 action=drop \9 A8 L) n7 T* n5 ?: M
comment=”DeepThroat.Trojan-7″ disabled=no
4 l3 L' R- Q' ?add chain=virus protocol=tcp dst-port=10067 action=drop \
  k( w  f% _  n) p" E# Dcomment=”Portal.of.Doom.Trojan-1″ disabled=no
0 p6 N, i3 G# ?1 D  fadd chain=virus protocol=tcp dst-port=10167 action=drop \
3 ?1 J) x! s1 \1 D% y7 Icomment=”Portal.of.Doom.Trojan-2″ disabled=no
8 _5 W' J: f' ~* c# Z9 C, i; ?add chain=virus protocol=tcp dst-port=3700 action=drop \8 A/ z6 L, m' u7 o+ R# U4 V3 }
comment=”Portal.of.Doom.Trojan-3″ disabled=no
2 V. _' o) q& \  L. u& tadd chain=virus protocol=tcp dst-port=9872-9875 action=drop \" N4 f7 T3 X# B' s
comment=”Portal.of.Doom.Trojan-4″ disabled=no
/ Q) N4 m. h5 @: i. ?5 ~3 eadd chain=virus protocol=tcp dst-port=6883 action=drop \: R( i# F& D0 q& z: A
comment=”Delta.Source.Trojan-1″ disabled=no& v* X9 f6 N/ K, y
add chain=virus protocol=tcp dst-port=26274 action=drop \
3 T# Q* v0 f* T. fcomment=”Delta.Source.Trojan-2″ disabled=no
: G6 G, a4 V6 I7 @& L9 sadd chain=virus protocol=tcp dst-port=4444 action=drop \/ Y& G* p0 [' z
comment=”Delta.Source.Trojan-3″ disabled=no
6 k' z/ Z. T5 _* K' F6 n) Uadd chain=virus protocol=tcp dst-port=47262 action=drop \% H9 O8 a5 g  k* _5 g" }+ N) P
comment=”Delta.Source.Trojan-4″ disabled=no
4 m5 ^8 {7 u% g, @add chain=virus protocol=tcp dst-port=3791 action=drop \; j5 ?" f0 l5 e% Z
comment=”Eclypse.Trojan-1″ disabled=no
6 m, G, [2 v. Q: ?$ b* V( i! N+ {0 eadd chain=virus protocol=tcp dst-port=3801 action=drop \4 j. }; b7 @0 J3 c: j5 @& v! ?
comment=”Eclypse.Trojan-2″ disabled=no& h! G9 f8 {" b  Z9 a
add chain=virus protocol=tcp dst-port=65390 action=drop \
- g7 \& _4 r2 ~! H$ ?3 I6 S1 Mcomment=”Eclypse.Trojan-3″ disabled=no4 X" b, C2 G* N- C
add chain=virus protocol=tcp dst-port=5880-5882 action=drop \
% m2 `0 \/ o$ \& Bcomment=”Y3K.RAT.Trojan-1″ disabled=no8 T& U! q+ `/ x* R" `3 }; c
add chain=virus protocol=tcp dst-port=5888-5889 action=drop \0 r5 B; G% H6 F( p% \' w( U! G
comment=”Y3K.RAT.Trojan-2″ disabled=no
  T( ], V6 q7 L( X  Madd chain=virus protocol=tcp dst-port=30100-30103 action=drop \
$ H9 E) g. K8 z& p6 pcomment=”NetSphere.Trojan-1″ disabled=no& g# S. n) H* R; m' j- O+ E
add chain=virus protocol=tcp dst-port=30133 action=drop \
$ H/ I' c0 d3 N' tcomment=”NetSphere.Trojan-2″ disabled=no
: Y6 S7 x9 m3 b# k6 s+ Z4 Zadd chain=virus protocol=tcp dst-port=7300-7301 action=drop \
1 T6 v+ [- U9 ~7 g- V3 p& Hcomment=”NetMonitor.Trojan-1″ disabled=no
1 h9 d& q8 v) J0 @% Gadd chain=virus protocol=tcp dst-port=7306-7308 action=drop \) ~- h! p9 y3 M* r* p$ j
comment=”NetMonitor.Trojan-2″ disabled=no
; d# C5 g3 H3 g/ m  c' yadd chain=virus protocol=tcp dst-port=79 action=drop \- d8 d0 I" f/ B+ V
comment=”FireHotcker.Trojan-1″ disabled=no& _. a! @# v' {# U* R+ `, U4 ^
add chain=virus protocol=tcp dst-port=5031 action=drop \# Y% S4 P7 V* J( i
comment=”FireHotcker.Trojan-2″ disabled=no
. w+ h3 o3 B, l5 sadd chain=virus protocol=tcp dst-port=5321 action=drop \
/ j  O! J! k- D2 g5 g, ecomment=”FireHotcker.Trojan-3″ disabled=no
  W; E, ~% y3 k. e. G$ h0 V# xadd chain=virus protocol=tcp dst-port=6400 action=drop \
. [" J# Q7 D: u  e) A; i7 `6 rcomment=”TheThing.Trojan-1″ disabled=no5 z9 p+ D$ @" t! [1 `
add chain=virus protocol=tcp dst-port=7777 action=drop \( t$ ]2 T' d0 M5 x, l! t
comment=”TheThing.Trojan-2″ disabled=no
/ [& w/ F6 @, l9 ?$ `add chain=virus protocol=tcp dst-port=1047 action=drop \
, N5 P0 z  B& u8 i1 s+ v' f9 Kcomment=”GateCrasher.Trojan-1″ disabled=no" `5 x0 p, e6 ?1 U
add chain=virus protocol=tcp dst-port=6969-6970 action=drop \
% z$ A+ `) ]+ a4 mcomment=”GateCrasher.Trojan-2″ disabled=no
* |6 V( \+ I: _- K+ o" Z, aadd chain=virus protocol=tcp dst-port=2774 action=drop comment=”SubSeven-1″ \/ _2 `: e* Z& c( n' o; }' r, i
disabled=no
+ k9 |. }) p/ padd chain=virus protocol=tcp dst-port=27374 action=drop comment=”SubSeven-2″ \
5 p) A8 A, P1 ~0 jdisabled=no/ V. j2 U% A0 \/ F, T6 V
add chain=virus protocol=tcp dst-port=1243 action=drop comment=”SubSeven-3″ \
! n. U% S6 l2 i8 Y7 Q' `disabled=no, g+ d* J6 b  n
add chain=virus protocol=tcp dst-port=1234 action=drop comment=”SubSeven-4″ \
$ x1 c- K( p* M( P; Jdisabled=no7 O2 f7 ~# j0 E$ L3 z/ h; t
add chain=virus protocol=tcp dst-port=6711-6713 action=drop \: j& D0 P4 {; I( ?* N
comment=”SubSeven-5″ disabled=no
$ t0 V( ]# R4 s7 {" ~add chain=virus protocol=tcp dst-port=16959 action=drop comment=”SubSeven-7″ \
. p) i0 y, a* D  U3 kdisabled=no- |' e; H( p) [7 c8 _# \
add chain=virus protocol=tcp dst-port=25685-25686 action=drop \% o$ s% h8 g% y* Y' W
comment=”Moonpie.Trojan-1″ disabled=no- w4 Y6 Y, {4 j3 p6 I9 v
add chain=virus protocol=tcp dst-port=25982 action=drop \  P: K; M9 X$ H1 B1 g7 i  Z
comment=”Moonpie.Trojan-2″ disabled=no/ ?& o3 O; a0 R: k" p9 b: t
add chain=virus protocol=tcp dst-port=31337-31339 action=drop \
# S* r: q) u- W/ N) G8 A5 [comment=”NetSpy.Trojan-3″ disabled=no  ^% @$ E( v$ F  s" p
add chain=virus protocol=tcp dst-port=8102 action=drop comment=”Trojan” \
3 ?/ k1 f8 A! H% F1 }! N9 A% A0 Tdisabled=no& a( s  l& A8 d5 S% p4 D
add chain=virus protocol=tcp dst-port=8011 action=drop comment=”WAY.Trojan” \
  n4 M: V+ I9 k+ _9 u3 qdisabled=no) \/ Y6 v/ K, T+ Y5 ]9 H2 n7 o
add chain=virus protocol=tcp dst-port=7626 action=drop comment=”Trojan.BingHe” \
6 ]% e/ {, b3 t: g9 `. Q5 [3 j2 [disabled=no8 Z, Z5 t$ \- b+ \
add chain=virus protocol=tcp dst-port=19191 action=drop \% T8 @% q2 U; R' r2 @
comment=”Trojan.NianSeHoYian” disabled=no
7 I- n. X1 V: @& Z5 r/ Tadd chain=virus protocol=tcp dst-port=23444-23445 action=drop \+ ]# @7 Y! d5 ~" W& i
comment=”NetBull.Trojan” disabled=no
5 }/ G6 R1 g  E6 nadd chain=virus protocol=tcp dst-port=2583 action=drop \
" c: E% m; D7 b) T! Lcomment=”WinCrash.Trojan-1″ disabled=no0 U- d0 ?" W( B3 F2 ^
add chain=virus protocol=tcp dst-port=3024 action=drop \5 s& [4 p2 D* }" g
comment=”WinCrash.Trojan-2″ disabled=no9 k: b; X2 f5 n7 `+ y9 K, d5 {
add chain=virus protocol=tcp dst-port=4092 action=drop \
5 {+ d9 ^2 E" x1 jcomment=”WinCrash.Trojan-3″ disabled=no/ R& l! m6 I# e& |: C# g) o
add chain=virus protocol=tcp dst-port=5714 action=drop \
% R2 q4 i, ~. D& z; O" q- Vcomment=”WinCrash.Trojan-4″ disabled=no$ ~/ x9 k% G+ s

1 T3 z8 D! J0 d7 Z# @! z5 t; `$ O& E* F0 @5 l( R
用易-小卢

2

回帖

567

积分

52 小时

在线时间

中尉

注册时间
2016-1-6
金币
493 个
威望
0 个
荣誉
0 个
累计签到:35 天
连续签到:0 天
[LV.50]初入江湖
发表于 2016-8-31 17:45
add chain=virus protocol=tcp dst-port=1010-1012 action=drop \8 L/ a! y5 D) u( m8 H" M3 l1 z
comment=”Doly1.0/1.35/1.5trojan-1″ disabled=no
0 y. U0 X6 J7 w: `; P9 gadd chain=virus protocol=tcp dst-port=1015 action=drop \2 {! V0 |7 a9 P: P1 F# c' Z
comment=”Doly1.0/1.35/1.5trojan-2″ disabled=no
. q6 ?3 t. R; a8 xadd chain=virus protocol=tcp dst-port=2004-2005 action=drop \$ v1 d1 p  n% ~- D, {& ~+ L, X( j
comment=”TransScout.Trojan-1″ disabled=no+ j3 i! O7 l) K5 w5 d/ t1 d
add chain=virus protocol=tcp dst-port=9878 action=drop \+ H, Q' z9 O: \: |7 o# t
comment=”TransScout.Trojan-2″ disabled=no0 D1 l# [2 ]8 G3 o8 @
add chain=virus protocol=tcp dst-port=2773 action=drop \. T: s& \( k5 w
comment=”Backdoor.YAI..Trojan-1″ disabled=no' |6 U# Y( d3 ~3 H7 J/ _
add chain=virus protocol=tcp dst-port=7215 action=drop \
. M3 ?3 p% V* S8 P2 qcomment=”Backdoor.YAI.Trojan-2″ disabled=no! |" l1 |$ `9 B  X5 ~! u. m
add chain=virus protocol=tcp dst-port=54283 action=drop \
' P$ I  Q: O9 u( r7 pcomment=”Backdoor.YAI.Trojan-3″ disabled=no
0 R$ F+ k5 A/ Q& Gadd chain=virus protocol=tcp dst-port=1003 action=drop \. V% N; b# ]3 S/ {- l' ?; S4 F7 @
comment=”BackDoorTrojan-1″ disabled=no
. g2 @/ C( A' madd chain=virus protocol=tcp dst-port=5598 action=drop \$ _7 X8 ^! I4 Y: `
comment=”BackDoorTrojan-2″ disabled=no0 o' i$ W, R2 r  l9 a
add chain=virus protocol=tcp dst-port=5698 action=drop \  Z7 D0 [' N% _# X7 a0 y
comment=”BackDoorTrojan-3″ disabled=no
+ J! [' z1 K1 d/ E- aadd chain=virus protocol=tcp dst-port=31554 action=drop \
& C5 ~" i5 \2 X$ U, f7 E: [1 G, Mcomment=”SchainwindlerTrojan-2″ disabled=no
$ C2 B! X; S9 s! ~) Z8 K2 N4 b7 zadd chain=virus protocol=tcp dst-port=18753 action=drop \
1 h2 w3 k4 O3 `+ D/ \" y; O& Ccomment=”Shaft.DDoS.Trojan-1″ disabled=no+ L3 b; ~: ~) Z
add chain=virus protocol=tcp dst-port=20432 action=drop \! _* B% D6 i+ g0 X, D- s5 a( {
comment=”Shaft.DDoS.Trojan-2″ disabled=no
+ ~- v4 h7 T6 e, l9 O8 e! Xadd chain=virus protocol=tcp dst-port=65000 action=drop \6 ^. S6 f6 S) t, @; J, S
comment=”Devil.DDoS.Trojan” disabled=no
5 d; m% b5 z, L4 ladd chain=virus protocol=tcp dst-port=11831 action=drop \) M" J: A+ i" h( h9 q9 j! }6 G& X
comment=”LatinusTrojan-1″ disabled=no
, N; Y/ p" d- [* Q$ S& g7 Y0 g7 uadd chain=virus protocol=tcp dst-port=29559 action=drop \
. \! Y4 N2 P+ l( Bcomment=”LatinusTrojan-2″ disabled=no
$ U6 o: o% o4 l1 [2 i3 zadd chain=virus protocol=tcp dst-port=1784 action=drop \
, K% }8 D; H/ N- L$ z0 a+ rcomment=”Snid.X2Trojan-1″ disabled=no
, k: H: Z, [$ L, J- p2 Fadd chain=virus protocol=tcp dst-port=3586 action=drop \
* p. f5 L3 \& P: Z( U0 ncomment=”Snid.X2Trojan-2″ disabled=no" _- s2 X  v* r% F
add chain=virus protocol=tcp dst-port=7609 action=drop \% ?- }- R" |/ H
comment=”Snid.X2Trojan-3″ disabled=no; r# H/ p& W! k3 V6 y, O
add chain=virus protocol=tcp dst-port=12348-12349 action=drop \
7 f: \' X+ I' U1 y: u, a# c# q7 gcomment=”BionetTrojan-1″ disabled=no, f! x3 Q, S9 d2 U
add chain=virus protocol=tcp dst-port=12478 action=drop \" M: G, c, j! _
comment=”BionetTrojan-2″ disabled=no
2 H& ?0 X$ R2 I- T- Y& Nadd chain=virus protocol=tcp dst-port=57922 action=drop \2 O, A) s6 [# S5 a3 J
comment=”BionetTrojan-3″ disabled=no
) v, C+ g2 M) e8 }0 v$ i* kadd chain=virus protocol=tcp dst-port=3127 action=drop \' s* Q# ^! a3 o+ A9 |, x8 X! z* a
comment=”Worm.Novarg.a.Mydoom.a1.” disabled=no
( p: J( H: L( k( Tadd chain=virus protocol=tcp dst-port=6777 action=drop \/ X0 \& M& X* t; U6 J3 o- ?& ~2 A
comment=”Worm.BBeagle.a.Bagle.a.” disabled=no0 ?# k1 l# o; ^; r2 e1 r# E1 K; `
add chain=virus protocol=tcp dst-port=8866 action=drop \! X4 h# k7 N! l7 G
comment=”Worm.BBeagle.b” disabled=no& y  x- T( I2 `1 c! k
add chain=virus protocol=tcp dst-port=2745 action=drop \  @( U! N& }8 J. P
comment=”Worm.BBeagle.c-g/j-l” disabled=no
) k4 d1 M, G1 y0 \" E' U; t0 m* xadd chain=virus protocol=tcp dst-port=2556 action=drop \# T+ y' ?7 X0 X. T0 m5 y9 Q9 V" e
comment=”Worm.BBeagle.p/q/r/n” disabled=no
9 ?- i6 o- j9 ^add chain=virus protocol=tcp dst-port=20742 action=drop \
! x3 T& q5 I% {! Ycomment=”Worm.BBEagle.m-2″ disabled=no5 r/ \" ^8 i6 r9 _  G* M$ c
add chain=virus protocol=tcp dst-port=4751 action=drop \
6 ?& P, i* Z" J0 Z, scomment=”Worm.BBeagle.s/t/u/v” disabled=no
% y' |0 [$ U' @( z- `  Wadd chain=virus protocol=tcp dst-port=2535 action=drop \
/ Q$ {) R0 |) c2 A1 r- X$ n" y1 gcomment=”Worm.BBeagle.aa/ab/w/x-z-2″ disabled=no9 Z7 _8 U6 k( X' _
add chain=virus protocol=tcp dst-port=5238 action=drop \
9 f0 ~& E$ n0 S3 V( o' N$ Ecomment=”Worm.LovGate.r.RpcExploit” disabled=no, {: t9 p; b" \" C7 D! T* T1 V
add chain=virus protocol=tcp dst-port=1068 action=drop comment=”Worm.Sasser.a” \- Y8 d: Y6 O- l3 A  F
disabled=no. a3 p) t! E; O, t; @& @' r: V! M4 q
add chain=virus protocol=tcp dst-port=5554 action=drop \
; ^9 ?9 i6 I2 t, ]" Y5 M& S( ecomment=”Worm.Sasser.b/c/f” disabled=no
% e, p+ P/ H# k4 ~1 b2 Dadd chain=virus protocol=tcp dst-port=9996 action=drop \
8 T+ q* D; K* `, l. ecomment=”Worm.Sasser.b/c/f” disabled=no
9 K1 b) r& w0 F3 y2 gadd chain=virus protocol=tcp dst-port=9995 action=drop comment=”Worm.Sasser.d” \
5 A8 P8 p+ k0 i: L* Q2 `4 C( tdisabled=no: e2 v7 n0 l/ s% B
add chain=virus protocol=tcp dst-port=10168 action=drop \
. h4 s7 N- U2 F1 @# pcomment=”Worm.Lovgate.a/b/c/d” disabled=no  p# ?# R4 X3 @' M
add chain=virus protocol=tcp dst-port=20808 action=drop \
7 K! B* \5 Y, [% Q1 \comment=”Worm.Lovgate.v.QQ” disabled=no7 b! `& ^* h- U7 w
add chain=virus protocol=tcp dst-port=1092 action=drop \- w9 A/ a$ a, q9 z9 H
comment=”Worm.Lovgate.f/g” disabled=no
8 r' b; M  N* u$ A3 y( z. c: Gadd chain=virus protocol=tcp dst-port=20168 action=drop \
) x# c  [% j! W2 N) dcomment=”Worm.Lovgate.f/g” disabled=no; i2 {; A# W. p1 C3 u4 q& r- |3 [: Q
add chain=virus protocol=tcp dst-port=1363-1364 action=drop \
; s7 |7 J/ ?5 d6 q+ p) Rcomment=”ndm.requester” disabled=no
  A, B1 D+ j; xadd chain=virus protocol=tcp dst-port=1368 action=drop comment=”screen.cast” \; z5 ~) N3 g' t8 Q5 E4 Y3 W9 o
disabled=no
+ y" A" f: \4 cadd chain=virus protocol=tcp dst-port=1373 action=drop comment=”hromgrafx” \6 F( d3 @. o* i0 w2 q9 a
disabled=no
, S% F2 \! k. p# madd chain=virus protocol=tcp dst-port=1377 action=drop comment=”cichainlid” \
, e2 C/ |- S$ z& c. R4 j! T5 ddisabled=no
+ E+ T3 D6 v. h5 h* h6 ~% xadd chain=virus protocol=tcp dst-port=3410 action=drop \( w! _3 G4 y: B; M8 V2 d
comment=”Backdoor.Optixprotocol” disabled=no
3 y. h2 h: V, f2 xadd chain=virus protocol=tcp dst-port=8888 action=drop \
0 B- x9 H9 i. \/ @8 x, U8 }; M1 F" ecomment=”Worm.BBeagle.b” disabled=no$ S( o6 d) A6 x6 C; h7 {
add chain=virus protocol=udp dst-port=44444 action=drop \
! f$ u- G1 y9 Q; Mcomment=”Delta.Source.Trojan-7″ disabled=no
+ s+ ?, R# M$ }% H( f; Radd chain=virus protocol=udp dst-port=8998 action=drop \% m' I* w% ~: ~8 t4 H& P, z
comment=”Worm.Sobig.f-3″ disabled=no( }* q$ F2 i# h% ?  T: i
add chain=virus protocol=udp dst-port=123 action=drop comment=”Worm.Sobig.f-1″ \
$ C: K5 v6 Z4 A4 U. q/ w9 B* m) @disabled=no' W) e% @# S2 b7 R) }5 q3 ?
add chain=virus protocol=tcp dst-port=3198 action=drop \
! Y- S2 q' g/ h8 icomment=”Worm.Novarg.a.Mydoom.a2.” disabled=no5 @" i  Y! @7 C& b1 o
add chain=virus protocol=tcp dst-port=139 action=drop comment=”Drop Blaster \
& J/ y6 g  j3 U. l5 VWorm” disabled=no
, ~% P' E4 N. y* p; W6 badd chain=virus protocol=tcp dst-port=135 action=drop comment=”Drop Blaster \  w+ w+ p; {: s
Worm” disabled=no" i& S* [" k4 P4 a1 @) j- P
add chain=virus protocol=tcp dst-port=445 action=drop comment=”Drop Blaster \& Q9 y; F$ o9 v0 H# K2 c7 w; h! g
Worm” disabled=no( z/ o) [3 \# @% V5 v7 f
/ ip firewall connection tracking
! C* B  ~; z9 D+ \- sset enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s \
' h9 w/ U! h) @6 Y9 Wtcp-established-timeout=10h tcp-fin-wait-timeout=2m \
% }" O' `  C- w2 a& {tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s \2 W# \' m# \2 q
tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s \
) n0 A# `: Z# F% j( x9 w' Y/ R. Dudp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m \
6 M) k! M) j* f9 atcp-syncookie=yes
冰峰_RTTU1

11

回帖

14

积分

0 小时

在线时间

新兵上阵

注册时间
2020-12-5
金币
3 个
威望
0 个
荣誉
0 个
累计签到:1 天
连续签到:0 天
[LV.20]漫游旅程
发表于 2020-12-5 14:33
Anywlan官方QQ群
返回列表

服务

行业资讯

刷机教程

超高密覆盖租赁

WiFi在线计算器和小工具

新手起步

站规一览

无线一步步

官方QQ群

充值/快速提高等级

关于Anywlan

关于我们

联系我们

成功案例

商务合作

站点统计 | Archiver | 手机版 | 无线门户 ( 粤ICP备11076993号|粤公网安备44010602008359号 ) |网站地图

GMT+8, 2025-5-2 11:30

返回顶部 返回列表