A big bundle of rules to beef up your firewall!
Remember to test it on a bench setup first...
REMINDER THAT ALL CREDIT IS DUE TO THE USER AND MY FRIEND MAGNUSRK8
SOURCE lista-wireless.com
Just paste the following command into the terminal:
Code:

```
/ip firewall filter
add action=drop chain=forward comment="Bloqueio dos P2P" disabled=no p2p=all-p2p
add action=drop chain=forward comment="Bloqueio do Ares" disabled=no dst-port=0 protocol=udp
add action=drop chain=forward comment="" disabled=no p2p=warez
add action=drop chain=forward comment="" disabled=no protocol=udp src-port=0
add action=log chain=input comment="Log everything else" disabled=no dst-port=22 log-prefix="DROP SSH" protocol=tcp
add action=accept chain=forward comment="permitir conexões relacionadas" connection-state=related disabled=no
add action=accept chain=forward comment="permite estabelecer conexões" connection-state=established disabled=no
add action=accept chain=input comment="aceitando 50 pings a cada 5 segundos" disabled=no limit=50/5s,2 protocol=icmp
add action=drop chain=input comment="bloqueando o excesso" disabled=no protocol=icmp
# SSH brute-force ladder: the blacklist drop comes first, then each new TCP/22
# connection promotes the source one stage (stage1 -> stage2 -> stage3 -> blacklist).
add action=drop chain=input comment="drop ssh brute forcers" disabled=no dst-port=22 protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=1w3d chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp
# FTP brute-force: outgoing "530 Login incorrect" replies above the dst-limit put the peer on ftp_blacklist for 3h.
add action=drop chain=input comment="drop ftp brute" disabled=no dst-port=21 protocol=tcp src-address-list=ftp_blacklist
add action=accept chain=output comment="" content="530 Login incorrect" disabled=no dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist address-list-timeout=3h chain=output comment="" content="530 Login incorrect" disabled=no protocol=tcp
add action=drop chain=forward comment="Bloqueia conexões inválidas" connection-state=invalid disabled=no
# Custom "virus" chain: known worm/backdoor ports, reached via the jump rule below.
add action=drop chain=virus comment="" disabled=no dst-port=67-68 protocol=udp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=135-139 protocol=tcp
add action=drop chain=virus comment="Drop Messenger Worm" disabled=no dst-port=135-139 protocol=udp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=445 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=445 protocol=udp
add action=drop chain=virus comment="________" disabled=no dst-port=593 protocol=tcp
add action=drop chain=virus comment="________" disabled=no dst-port=1024-1030 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" disabled=no dst-port=1080 protocol=tcp
add action=drop chain=virus comment="________" disabled=no dst-port=1214 protocol=tcp
add action=drop chain=virus comment="ndm requester" disabled=no dst-port=1363 protocol=tcp
add action=drop chain=virus comment="ndm server" disabled=no dst-port=1364 protocol=tcp
add action=drop chain=virus comment="screen cast" disabled=no dst-port=1368 protocol=tcp
add action=drop chain=virus comment="hromgrafx" disabled=no dst-port=1373 protocol=tcp
add action=drop chain=virus comment="cichlid" disabled=no dst-port=1377 protocol=tcp
add action=drop chain=virus comment="Worm" disabled=no dst-port=1433-1434 protocol=tcp
add action=drop chain=virus comment="Bagle Virus" disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" disabled=no dst-port=2283 protocol=tcp
add action=drop chain=virus comment="Drop Beagle" disabled=no dst-port=2535 protocol=tcp
add action=drop chain=virus comment="Drop Beagle.C-K" disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" disabled=no dst-port=3127-3128 protocol=tcp
add action=drop chain=virus comment="Drop Backdoor OptixPro" disabled=no dst-port=3410 protocol=tcp
add action=drop chain=virus comment="Worm" disabled=no dst-port=4444 protocol=tcp
add action=drop chain=virus comment="Worm" disabled=no dst-port=4444 protocol=udp
add action=drop chain=virus comment="Drop Sasser" disabled=no dst-port=5554 protocol=tcp
add action=drop chain=virus comment="Drop Beagle.B" disabled=no dst-port=8866 protocol=tcp
add action=drop chain=virus comment="Drop Dabber.A-B" disabled=no dst-port=9898 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom.B" disabled=no dst-port=10080 protocol=tcp
add action=drop chain=virus comment="Drop NetBus" disabled=no dst-port=12345 protocol=tcp
# The next rule appeared in the post with no match criteria at all. As written it
# matches every packet that enters the virus chain, i.e. all forwarded traffic,
# so it is left commented out here; its intended port did not survive the copy.
# add action=drop chain=virus comment="" disabled=no
add action=drop chain=virus comment="Drop SubSeven" disabled=no dst-port=27374 protocol=tcp
add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" disabled=no dst-port=65506 protocol=tcp
add action=jump chain=forward comment="jump to the virus chain" disabled=no jump-target=virus
add action=accept chain=forward comment="Allow HTTP" disabled=no dst-port=80 protocol=tcp
add action=accept chain=forward comment="Allow SMTP" disabled=no dst-port=25 protocol=tcp
add action=accept chain=forward comment="allow TCP" disabled=no protocol=tcp
add action=accept chain=forward comment="allow ping" disabled=no protocol=icmp
add action=accept chain=forward comment="allow udp" disabled=no protocol=udp
add action=drop chain=forward comment="drop everything else" disabled=no
```
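The ssh_stage1 / ssh_stage2 / ssh_stage3 / ssh_blacklist ladder in the rule set above is easiest to understand by running it against a sequence of connections. The Python model below is an added example, not part of the original post or its author's rule set; it assumes that RouterOS treats add-src-to-address-list as a passthrough action and resets an entry's timeout when the address is re-added, and every connection time and source address in it is constructed.

```python
MINUTE = 60
STAGE_TIMEOUT = 1 * MINUTE                  # address-list-timeout=1m
BLACKLIST_TIMEOUT = 10 * 24 * 60 * MINUTE   # address-list-timeout=1w3d (10 days)


class AddressLists:
    """Dynamic address lists: name -> {src: expiry time in seconds}."""

    def __init__(self):
        self.lists = {}

    def has(self, name, src, now):
        expiry = self.lists.get(name, {}).get(src)
        return expiry is not None and expiry > now

    def add(self, name, src, now, timeout):
        # Re-adding an address resets its timeout (assumed RouterOS behaviour).
        self.lists.setdefault(name, {})[src] = now + timeout


def new_ssh_connection(lists, src, now):
    """Apply the input-chain rules, in the order of the rule set above, to one
    new TCP/22 connection from src at time now. Returns 'drop' or 'accept'."""
    # "drop ssh brute forcers": blacklisted sources are dropped outright.
    if lists.has("ssh_blacklist", src, now):
        return "drop"
    # add-src-to-address-list is a passthrough action, so every matching rule
    # fires; listing stage3 first and the bare rule last keeps one connection
    # from climbing more than one stage.
    if lists.has("ssh_stage3", src, now):
        lists.add("ssh_blacklist", src, now, BLACKLIST_TIMEOUT)
    if lists.has("ssh_stage2", src, now):
        lists.add("ssh_stage3", src, now, STAGE_TIMEOUT)
    if lists.has("ssh_stage1", src, now):
        lists.add("ssh_stage2", src, now, STAGE_TIMEOUT)
    lists.add("ssh_stage1", src, now, STAGE_TIMEOUT)
    return "accept"  # no later input rule drops TCP/22


def simulate(events):
    """events: list of (time_seconds, src). Returns verdicts and final lists."""
    lists = AddressLists()
    return [new_ssh_connection(lists, src, t) for t, src in events], lists


if __name__ == "__main__":
    # Constructed sample: a scanner hammering port 22 vs. an admin logging in hourly.
    burst = [(t, "203.0.113.7") for t in (0, 10, 20, 30, 40)]
    admin = [(t, "198.51.100.5") for t in (0, 3600, 7200)]
    print(simulate(burst)[0], simulate(admin)[0])
```

Note that the fourth new connection inside the one-minute windows is the one that lands the source on ssh_blacklist but is itself still accepted; the fifth is the first one dropped, and it stays dropped for the full 1w3d.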