[RouterOS] ROS firewall script

Posted on 2016-8-31 17:45
/ip firewall filter
add chain=input connection-state=invalid action=drop \
    comment="Drop invalid connection packets" disabled=no
add chain=input protocol=tcp dst-port=80 connection-limit=90,0 action=drop \
    comment="Limit total HTTP connections to 90" disabled=no
add chain=input protocol=tcp psd=21,3s,3,1 action=drop \
    comment="Detect and drop port-scan connections" disabled=no
add chain=input protocol=tcp connection-limit=3,32 src-address-list=black_list \
    action=tarpit comment="Suppress DoS attacks" disabled=no
add chain=input protocol=tcp connection-limit=10,32 \
    action=add-src-to-address-list address-list=black_list \
    address-list-timeout=1d comment="Detect DoS attacks" disabled=no
add chain=input dst-address-type=!local action=drop \
    comment="Drop non-local traffic" disabled=no
add chain=input src-address-type=!unicast action=drop \
    comment="Drop all non-unicast traffic" disabled=no
add chain=input protocol=icmp action=jump jump-target=ICMP \
    comment="Jump to ICMP chain" disabled=no
add chain=input protocol=tcp action=jump jump-target=virus \
    comment="Jump to virus chain" disabled=no
add chain=ICMP protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept \
    comment="Limit ping replies to 5 packets per second" disabled=no
add chain=ICMP protocol=icmp icmp-options=3:3 limit=5,5 action=accept \
    comment="Limit traceroute to 5 packets per second" disabled=no
add chain=ICMP protocol=icmp icmp-options=3:4 limit=5,5 action=accept \
    comment="Limit path MTU discovery to 5 packets per second" disabled=no
add chain=ICMP protocol=icmp icmp-options=8:0-255 limit=5,5 action=accept \
    comment="Limit ping requests to 5 packets per second" disabled=no
add chain=ICMP protocol=icmp icmp-options=11:0-255 limit=5,5 action=accept \
    comment="Limit trace TTL to 5 packets per second" disabled=no
add chain=ICMP protocol=icmp action=drop \
    comment="Drop any ICMP traffic" disabled=no
add chain=forward connection-state=established action=accept \
    comment="Accept packets of established connections" disabled=no
add chain=forward connection-state=related action=accept \
    comment="Accept related packets" disabled=no
add chain=forward connection-state=invalid action=drop \
    comment="Drop invalid packets" disabled=no
add chain=forward protocol=tcp connection-limit=50,32 action=drop \
    comment="Limit each host to 50 TCP connections" disabled=no
add chain=forward src-address-type=!unicast action=drop \
    comment="Drop all non-unicast traffic" disabled=no
add chain=forward protocol=icmp action=jump jump-target=ICMP \
    comment="Jump to ICMP chain" disabled=no
add chain=forward action=jump jump-target=virus \
    comment="Jump to virus chain" disabled=no
add chain=virus protocol=tcp dst-port=41 action=drop \
    comment="DeepThroat.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=82 action=drop \
    comment="Worm.NetSky.Y@mm" disabled=no
add chain=virus protocol=tcp dst-port=113 action=drop \
    comment="W32.Korgo.A/B/C/D/E/F-1" disabled=no
add chain=virus protocol=tcp dst-port=2041 action=drop \
    comment="W32.Korgo.A/B/C/D/E/F-2" disabled=no
add chain=virus protocol=tcp dst-port=3150 action=drop \
    comment="DeepThroat.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=3067 action=drop \
    comment="W32.Korgo.A/B/C/D/E/F-3" disabled=no
add chain=virus protocol=tcp dst-port=3422 action=drop \
    comment="Backdoor.IRC.Aladdinz.R-1" disabled=no
add chain=virus protocol=tcp dst-port=6667 action=drop \
    comment="W32.Korgo.A/B/C/D/E/F-4" disabled=no
add chain=virus protocol=tcp dst-port=6789 action=drop \
    comment="Worm.NetSky.S/T/U@mm" disabled=no
add chain=virus protocol=tcp dst-port=8787 action=drop \
    comment="Back.Orifice.2000.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=8879 action=drop \
    comment="Back.Orifice.2000.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=8967 action=drop \
    comment="W32.Dabber.A/B-2" disabled=no
add chain=virus protocol=tcp dst-port=9999 action=drop \
    comment="W32.Dabber.A/B-3" disabled=no
add chain=virus protocol=tcp dst-port=20034 action=drop \
    comment="Block.NetBus.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=21554 action=drop \
    comment="GirlFriend.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=31666 action=drop \
    comment="Back.Orifice.2000.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=43958 action=drop \
    comment="Backdoor.IRC.Aladdinz.R-2" disabled=no
add chain=virus protocol=tcp dst-port=999 action=drop \
    comment="DeepThroat.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=6670 action=drop \
    comment="DeepThroat.Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=6771 action=drop \
    comment="DeepThroat.Trojan-5" disabled=no
add chain=virus protocol=tcp dst-port=60000 action=drop \
    comment="DeepThroat.Trojan-6" disabled=no
add chain=virus protocol=tcp dst-port=2140 action=drop \
    comment="DeepThroat.Trojan-7" disabled=no
add chain=virus protocol=tcp dst-port=10067 action=drop \
    comment="Portal.of.Doom.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=10167 action=drop \
    comment="Portal.of.Doom.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=3700 action=drop \
    comment="Portal.of.Doom.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=9872-9875 action=drop \
    comment="Portal.of.Doom.Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=6883 action=drop \
    comment="Delta.Source.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=26274 action=drop \
    comment="Delta.Source.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=4444 action=drop \
    comment="Delta.Source.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=47262 action=drop \
    comment="Delta.Source.Trojan-4" disabled=no
add chain=virus protocol=tcp dst-port=3791 action=drop \
    comment="Eclypse.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3801 action=drop \
    comment="Eclypse.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=65390 action=drop \
    comment="Eclypse.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=5880-5882 action=drop \
    comment="Y3K.RAT.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=5888-5889 action=drop \
    comment="Y3K.RAT.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=30100-30103 action=drop \
    comment="NetSphere.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=30133 action=drop \
    comment="NetSphere.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=7300-7301 action=drop \
    comment="NetMonitor.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=7306-7308 action=drop \
    comment="NetMonitor.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=79 action=drop \
    comment="FireHotcker.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=5031 action=drop \
    comment="FireHotcker.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=5321 action=drop \
    comment="FireHotcker.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=6400 action=drop \
    comment="TheThing.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=7777 action=drop \
    comment="TheThing.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=1047 action=drop \
    comment="GateCrasher.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=6969-6970 action=drop \
    comment="GateCrasher.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=2774 action=drop \
    comment="SubSeven-1" disabled=no
add chain=virus protocol=tcp dst-port=27374 action=drop \
    comment="SubSeven-2" disabled=no
add chain=virus protocol=tcp dst-port=1243 action=drop \
    comment="SubSeven-3" disabled=no
add chain=virus protocol=tcp dst-port=1234 action=drop \
    comment="SubSeven-4" disabled=no
add chain=virus protocol=tcp dst-port=6711-6713 action=drop \
    comment="SubSeven-5" disabled=no
add chain=virus protocol=tcp dst-port=16959 action=drop \
    comment="SubSeven-7" disabled=no
add chain=virus protocol=tcp dst-port=25685-25686 action=drop \
    comment="Moonpie.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=25982 action=drop \
    comment="Moonpie.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=31337-31339 action=drop \
    comment="NetSpy.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=8102 action=drop \
    comment="Trojan" disabled=no
add chain=virus protocol=tcp dst-port=8011 action=drop \
    comment="WAY.Trojan" disabled=no
add chain=virus protocol=tcp dst-port=7626 action=drop \
    comment="Trojan.BingHe" disabled=no
add chain=virus protocol=tcp dst-port=19191 action=drop \
    comment="Trojan.NianSeHoYian" disabled=no
add chain=virus protocol=tcp dst-port=23444-23445 action=drop \
    comment="NetBull.Trojan" disabled=no
add chain=virus protocol=tcp dst-port=2583 action=drop \
    comment="WinCrash.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3024 action=drop \
    comment="WinCrash.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=4092 action=drop \
    comment="WinCrash.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=5714 action=drop \
    comment="WinCrash.Trojan-4" disabled=no

Posted on 2016-8-31 17:45
add chain=virus protocol=tcp dst-port=1010-1012 action=drop \
    comment="Doly1.0/1.35/1.5trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=1015 action=drop \
    comment="Doly1.0/1.35/1.5trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=2004-2005 action=drop \
    comment="TransScout.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=9878 action=drop \
    comment="TransScout.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=2773 action=drop \
    comment="Backdoor.YAI.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=7215 action=drop \
    comment="Backdoor.YAI.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=54283 action=drop \
    comment="Backdoor.YAI.Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=1003 action=drop \
    comment="BackDoorTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=5598 action=drop \
    comment="BackDoorTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=5698 action=drop \
    comment="BackDoorTrojan-3" disabled=no
add chain=virus protocol=tcp dst-port=31554 action=drop \
    comment="SchwindlerTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=18753 action=drop \
    comment="Shaft.DDoS.Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=20432 action=drop \
    comment="Shaft.DDoS.Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=65000 action=drop \
    comment="Devil.DDoS.Trojan" disabled=no
add chain=virus protocol=tcp dst-port=11831 action=drop \
    comment="LatinusTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=29559 action=drop \
    comment="LatinusTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=1784 action=drop \
    comment="Snid.X2Trojan-1" disabled=no
add chain=virus protocol=tcp dst-port=3586 action=drop \
    comment="Snid.X2Trojan-2" disabled=no
add chain=virus protocol=tcp dst-port=7609 action=drop \
    comment="Snid.X2Trojan-3" disabled=no
add chain=virus protocol=tcp dst-port=12348-12349 action=drop \
    comment="BionetTrojan-1" disabled=no
add chain=virus protocol=tcp dst-port=12478 action=drop \
    comment="BionetTrojan-2" disabled=no
add chain=virus protocol=tcp dst-port=57922 action=drop \
    comment="BionetTrojan-3" disabled=no
add chain=virus protocol=tcp dst-port=3127 action=drop \
    comment="Worm.Novarg.a.Mydoom.a1." disabled=no
add chain=virus protocol=tcp dst-port=6777 action=drop \
    comment="Worm.BBeagle.a.Bagle.a." disabled=no
add chain=virus protocol=tcp dst-port=8866 action=drop \
    comment="Worm.BBeagle.b" disabled=no
add chain=virus protocol=tcp dst-port=2745 action=drop \
    comment="Worm.BBeagle.c-g/j-l" disabled=no
add chain=virus protocol=tcp dst-port=2556 action=drop \
    comment="Worm.BBeagle.p/q/r/n" disabled=no
add chain=virus protocol=tcp dst-port=20742 action=drop \
    comment="Worm.BBEagle.m-2" disabled=no
add chain=virus protocol=tcp dst-port=4751 action=drop \
    comment="Worm.BBeagle.s/t/u/v" disabled=no
add chain=virus protocol=tcp dst-port=2535 action=drop \
    comment="Worm.BBeagle.aa/ab/w/x-z-2" disabled=no
add chain=virus protocol=tcp dst-port=5238 action=drop \
    comment="Worm.LovGate.r.RpcExploit" disabled=no
add chain=virus protocol=tcp dst-port=1068 action=drop \
    comment="Worm.Sasser.a" disabled=no
add chain=virus protocol=tcp dst-port=5554 action=drop \
    comment="Worm.Sasser.b/c/f" disabled=no
add chain=virus protocol=tcp dst-port=9996 action=drop \
    comment="Worm.Sasser.b/c/f" disabled=no
add chain=virus protocol=tcp dst-port=9995 action=drop \
    comment="Worm.Sasser.d" disabled=no
add chain=virus protocol=tcp dst-port=10168 action=drop \
    comment="Worm.Lovgate.a/b/c/d" disabled=no
add chain=virus protocol=tcp dst-port=20808 action=drop \
    comment="Worm.Lovgate.v.QQ" disabled=no
add chain=virus protocol=tcp dst-port=1092 action=drop \
    comment="Worm.Lovgate.f/g" disabled=no
add chain=virus protocol=tcp dst-port=20168 action=drop \
    comment="Worm.Lovgate.f/g" disabled=no
add chain=virus protocol=tcp dst-port=1363-1364 action=drop \
    comment="ndm.requester" disabled=no
add chain=virus protocol=tcp dst-port=1368 action=drop \
    comment="screen.cast" disabled=no
add chain=virus protocol=tcp dst-port=1373 action=drop \
    comment="hromgrafx" disabled=no
add chain=virus protocol=tcp dst-port=1377 action=drop \
    comment="cichlid" disabled=no
add chain=virus protocol=tcp dst-port=3410 action=drop \
    comment="Backdoor.Optixprotocol" disabled=no
add chain=virus protocol=tcp dst-port=8888 action=drop \
    comment="Worm.BBeagle.b" disabled=no
add chain=virus protocol=udp dst-port=44444 action=drop \
    comment="Delta.Source.Trojan-7" disabled=no
add chain=virus protocol=udp dst-port=8998 action=drop \
    comment="Worm.Sobig.f-3" disabled=no
add chain=virus protocol=udp dst-port=123 action=drop \
    comment="Worm.Sobig.f-1" disabled=no
add chain=virus protocol=tcp dst-port=3198 action=drop \
    comment="Worm.Novarg.a.Mydoom.a2." disabled=no
add chain=virus protocol=tcp dst-port=139 action=drop \
    comment="Drop Blaster Worm" disabled=no
add chain=virus protocol=tcp dst-port=135 action=drop \
    comment="Drop Blaster Worm" disabled=no
add chain=virus protocol=tcp dst-port=445 action=drop \
    comment="Drop Blaster Worm" disabled=no
/ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s \
    tcp-established-timeout=10h tcp-fin-wait-timeout=2m \
    tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s \
    tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s \
    udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m \
    tcp-syncookie=yes
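An added example (not part of the original post): a Python sketch of how a packet is walked through the `forward` and `virus` chains, where the first matching rule wins, an unmatched jump returns to the calling chain, and a built-in chain with no match accepts. The rule sample is a constructed subset in the post's syntax; the function names are this example's own, and matchers that need router state (such as `connection-limit`) are assumed not to match.

```python
import shlex

# Constructed sample: a subset of rules in the post's syntax (comments in English).
RULES = r'''
add chain=forward connection-state=established action=accept \
    comment="Accept established" disabled=no
add chain=forward connection-state=invalid action=drop comment="Drop invalid"
add chain=forward protocol=tcp connection-limit=50,32 action=drop
add chain=forward action=jump jump-target=virus comment="Jump to virus chain"
add chain=virus protocol=tcp dst-port=445 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=tcp dst-port=9872-9875 action=drop \
    comment="Portal.of.Doom.Trojan-4"
add chain=virus protocol=udp dst-port=123 action=drop comment="Worm.Sobig.f-1"
'''

# Matchers this sketch can evaluate from a static packet description (assumption).
STATIC = {"protocol", "dst-port", "connection-state"}
NON_MATCHERS = {"chain", "action", "jump-target", "comment", "disabled"}

def parse_rules(text):
    """Join backslash continuations and split each `add` line into a dict."""
    joined = text.replace("\\\n", " ")
    rules = []
    for line in joined.splitlines():
        words = shlex.split(line)          # keeps quoted comments as one token
        if words and words[0] == "add":
            rules.append(dict(w.split("=", 1) for w in words[1:]))
    return rules

def port_matches(spec, port):
    lo, _, hi = spec.partition("-")        # "445" or "9872-9875"
    return int(lo) <= port <= int(hi or lo)

def rule_matches(rule, pkt):
    for key, want in rule.items():
        if key in NON_MATCHERS:
            continue
        if key not in STATIC:
            return False                   # stateful matcher: assumed not to match
        if key == "dst-port":
            if not port_matches(want, pkt["dst-port"]):
                return False
        elif pkt[key] != want:
            return False
    return True

def verdict(rules, chain, pkt):
    """First-match walk; a jump that finds no match returns to the caller."""
    for rule in rules:
        if rule["chain"] != chain or rule.get("disabled") == "yes":
            continue
        if not rule_matches(rule, pkt):
            continue
        if rule["action"] == "jump":
            result = verdict(rules, rule["jump-target"], pkt)
            if result is not None:
                return result
            continue
        return rule["action"], rule.get("comment", "")
    return None                            # end of chain reached without a match

def forward_verdict(pkt):
    hit = verdict(parse_rules(RULES), "forward", pkt)
    return hit if hit else ("accept", "default: no rule matched")
```

With these rules a new UDP packet to port 123 is dropped by the `Worm.Sobig.f-1` entry, which is also the NTP port, while a packet of an established TCP connection to port 445 is accepted before the virus chain is reached.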
