anusun's blog บันทึกไว้เป็นความจำ
Group Blog
 
All Blogs
 
MikroTik Firewall

/interface list
add name=WAN

/interface list member
add interface=pppoe-out1 list=WAN

/ip firewall filter
add action=drop chain=input comment="Drop scan port" src-address-list=hack_blacklist
add action=add-src-to-address-list address-list=hack_blacklist address-list-timeout=1d12h30m30s chain=input connection-state=new dst-port=21,22,23,80,81,2000,8291,8728 in-interface-list=WAN protocol=tcp src-address-list=hack_scan3
add action=add-src-to-address-list address-list=hack_scan3 address-list-timeout=1m chain=input connection-state=new dst-port=21,22,23,80,81,2000,8291,8728 in-interface-list=WAN protocol=tcp src-address-list=hack_scan2
add action=add-src-to-address-list address-list=hack_scan2 address-list-timeout=1m chain=input connection-state=new dst-port=21,22,23,80,81,2000,8291,8728 in-interface-list=WAN protocol=tcp src-address-list=hack_scan1
add action=add-src-to-address-list address-list=hack_scan1 address-list-timeout=1m chain=input connection-state=new dst-port=21,22,23,80,81,2000,8291,8728 in-interface-list=WAN protocol=tcp
add action=add-src-to-address-list address-list=hack_scan1 address-list-timeout=1m chain=forward connection-state=new out-interface-list=none

/ip firewall filter
add action=accept chain=input comment="still in WinBox" connection-state=established,related

/ip firewall filter
add action=add-src-to-address-list address-list=knock1_list address-list-timeout=1m chain=input comment="knock port 1" dst-port=1234 protocol=tcp
add action=add-src-to-address-list address-list=knock2_list address-list-timeout=1m chain=input comment="knock port 2" dst-port=2345 protocol=tcp src-address-list=knock1_list
add action=add-src-to-address-list address-list=knock3_list address-list-timeout=10m chain=input comment="knock port 3" dst-port=3456 protocol=tcp src-address-list=knock2_list
add action=accept chain=input comment="knock port 4" src-address-list=knock3_list
add action=drop chain=input comment="knock port 5"
 


Create Date : 19 ตุลาคม 2562
Last Update : 19 ตุลาคม 2562 14:39:35 น. 0 comments
Counter : 602 Pageviews.
Share

ชื่อ : * blog นี้ comment ได้เฉพาะสมาชิก
Comment :
  *ส่วน comment ไม่สามารถใช้ javascript และ style sheet
 

anusun
Location :


[Profile ทั้งหมด]

ฝากข้อความหลังไมค์
Rss Feed
Smember
ผู้ติดตามบล็อก : 8 คน [?]

Friends' blogs
[Add anusun's blog to your web]
Links
 

 Pantip.com | PantipMarket.com | Pantown.com | © 2004 BlogGang.com allrights reserved.