/ip firewall filter
add action=accept chain=input comment="Accept winbox" disabled=no dst-port=\
8291 protocol=tcp
add action=drop chain=input comment="BLOQUEIA SCAN PELO WINBOX" disabled=no \
dst-port=5678 protocol=udp
add action=drop chain=input comment="bloqueio do proxy externo" disabled=no \
dst-port=3528 in-interface=redenetworks protocol=tcp
add action=drop chain=forward comment="" disabled=no dst-port=3528 \
in-interface=redenetworks protocol=tcp
add action=drop chain=output comment="" disabled=no dst-port=3528 \
out-interface=redenetworks protocol=tcp
add action=drop chain=input comment="" disabled=no dst-port=3528 \
in-interface=copel protocol=tcp
add action=drop chain=forward comment="" disabled=no dst-port=3528 \
in-interface=copel protocol=tcp
add action=drop chain=output comment="" disabled=no dst-port=3528 \
out-interface=copel protocol=tcp
add action=accept chain=input comment="ACEITAR CONEXOES PROXY" disabled=no \
dst-port=3528 in-interface=clientes protocol=tcp
add action=drop chain=forward comment=\
"Limitando numero conexoes simultaneas para 30 conecxao REDE CLIENTE" \
connection-limit=50,32 disabled=no in-interface=clientes packet-mark=\
!semlimite protocol=tcp tcp-flags=syn
add action=jump chain=input comment=\
"REPASSA TRAFEGO PARA VERIFICASAO DE PORTAS" disabled=no jump-target=\
"P2P E PORTAS"
add action=jump chain=forward comment="" disabled=no jump-target=\
"P2P E PORTAS"
add action=jump chain=input comment="REPASSA TRAFEGO PARA CANAL VIRUS" \
disabled=no jump-target=VIRUS
add action=jump chain=forward comment="" disabled=no jump-target=VIRUS
add action=jump chain=input comment="BLOQUEIO DE IPS BOGONS" disabled=no \
jump-target=BOGONS
add action=jump chain=forward comment="" disabled=no jump-target=BOGONS
add action=accept chain=input comment="ACEITA CONECSAO NOVAS" \
connection-state=new disabled=no
add action=accept chain=forward comment="" connection-state=new disabled=no
add action=accept chain=input comment="ACEITA CONECSAO ESTABELECIDA" \
connection-state=established disabled=no
add action=accept chain=forward comment="" connection-state=established \
disabled=no
add action=accept chain=input comment="ACEITA CONECSAO RELACIONADAS" \
connection-state=related disabled=no
add action=accept chain=forward comment="" connection-state=related disabled=\
no
add action=accept chain="P2P E PORTAS" comment="PORTAS E P2P /////////////////\
//////////////////////////////////////////////////////////////////////////\
/////////////////////////////////////////////////////" disabled=no \
dst-port=6346-6349 protocol=tcp
add action=accept chain="P2P E PORTAS" comment=FTP disabled=no dst-port=21 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="OUTLOOK EXPRESS" disabled=no \
dst-port=110 protocol=tcp
add action=accept chain="P2P E PORTAS" comment=DNS disabled=no dst-port=53 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment=E-MAIL disabled=no dst-port=25 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="portas do ITR" disabled=no \
dst-port=5636 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5636 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=3456 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="autentica\E7\E3o do MSN" \
disabled=no dst-port=1863 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1853 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment=skipe disabled=no dst-port=\
30369 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="PORTAS DO KAZAA" disabled=no \
dst-port=1214 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="PORTAS DO E-MULE" disabled=no \
dst-port=4662 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=4662 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
6346-6348 protocol=udp
add action=accept chain="P2P E PORTAS" comment="PORTAS DO BITTORRENT" \
disabled=no dst-port=6881-6889 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
6881-6889 protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1214 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="PORTAS RANDON DO BIT TORRENT" \
disabled=no dst-port=57792 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=57792 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="porta servidor CS" disabled=\
no dst-port=27015 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27015 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
protocol=udp
add action=drop chain="P2P E PORTAS" comment="BLOQUEIA NETBIOS TCP" disabled=\
no dst-port=137-139 protocol=tcp src-port=137-139
add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
protocol=tcp src-port=445
add action=drop chain="P2P E PORTAS" comment="BLOQUEIA NETBIOS UDP" disabled=\
no dst-port=137-139 protocol=udp src-port=137-139
add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
protocol=udp src-port=445
add action=accept chain="P2P E PORTAS" comment="ALL P2P" disabled=no p2p=\
all-p2p
add action=drop chain=VIRUS comment="LISTA DE VIRUS///////////////////////////\
//////////////////////////////////////////////////////////////////////////\
////////////////////////////////////////////////////" disabled=no \
protocol=tcp src-port=445
add action=drop chain=VIRUS comment="" disabled=no dst-port=445 protocol=tcp
add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no protocol=\
udp src-port=445
add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no dst-port=\
445 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no protocol=tcp src-port=\
135-139
add action=drop chain=VIRUS comment="" disabled=no protocol=udp src-port=\
135-139
add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
udp
add action=drop chain=VIRUS comment=________ disabled=no dst-port=593 \
protocol=tcp
add action=drop chain=VIRUS comment=________ disabled=no dst-port=1024-1030 \
protocol=tcp