Aqui está um script pronto para quem deseja aplicá-lo e evitar que seus IPs públicos entrem em blacklist.

# Address list "bogons": the three RFC 1918 private ranges plus
# 100.64.0.0/10 (RFC 6598 shared / carrier-grade NAT space).
# The filter rules in this script use it two ways: src-address-list=bogons
# means "the sender is an internal client", dst-address-list=!bogons means
# "the destination is outside these ranges".
# NOTE(review): despite the name this is not a complete bogon list; it only
# holds the ranges the operator hands out to customers. If clients use other
# prefixes (e.g. routed public blocks), they are not covered -- confirm.
/ip firewall address-list

add address=10.0.0.0/8 list=bogons
add address=172.16.0.0/12 list=bogons
add address=192.168.0.0/16 list=bogons
add address=100.64.0.0/10 list=bogons

# Egress filter for the forward chain: keep internal hosts from hammering
# external mail / SMB / MSSQL ports, so the router's public addresses do not
# end up on blacklists. All three rules share the same dst-port list; the
# rule comment names SMTP (25, 587, 465), SMB (445) and MSSQL (1433), and the
# list also carries 2525 and 25025, which the script does not explain.
# NOTE(review): 'add' appends to the end of the chain. If an earlier forward
# rule already accepts (or fasttracks) this traffic, these rules never see
# it -- check their position after import.
/ip firewall filter

# Rule 1 (detect): for TCP SYN packets from a source in "bogons" to a
# destination outside "bogons" on the listed ports, put the source address in
# "atacante-addr" for one day. The action does not end processing, so the
# packet goes on to the rules that follow.
# NOTE(review): RouterOS documents 'limit' as matching packets *up to* the
# given rate (here 6, burst 5, counted in packets), and the counter belongs
# to the rule, not to each source. As written this appears to list hosts
# whose SYNs are within the rate -- i.e. ordinary clients -- rather than the
# ones exceeding it. Verify on a test router before deploying; a per-source
# matcher such as dst-limit may be what is intended.
add action=add-src-to-address-list address-list=atacante-addr address-list-timeout=1d chain=forward comment=\
"Descobre IP que esta atacando alguma porta externa da internet." dst-address-list=!bogons dst-port=25025,25,2525,587,465,445,1433 \
limit=6,5:packet protocol=tcp src-address-list=bogons tcp-flags=syn

# Rule 2 (allow): accept TCP to the listed ports toward non-"bogons"
# destinations when the source is not in "atacante-addr", within
# limit=1,5:packet. There is no tcp-flags or connection-state match, so the
# limit applies to every packet of these flows, not only to new connections.
# NOTE(review): packets over the rate are not accepted here and, because rule
# 3 only drops listed sources, fall through to whatever follows in the chain
# (not shown). The \F5 in the comment looks like the export escape for a
# non-ASCII byte; leave it as exported.
add action=accept chain=forward comment="Aceita conex\F5es verdadeiras." dst-address-list=!bogons \
dst-port=25025,25,2525,587,465,445,1433 limit=1,5:packet protocol=tcp src-address-list=!atacante-addr

# Rule 3 (block): drop TCP to the listed ports from any source currently in
# "atacante-addr", when the destination is outside "bogons" and is not one of
# the router's own addresses (dst-address-type=!local). A listed source can
# never match rule 2, so its traffic to these ports ends here until the
# one-day list entry expires.
add action=drop chain=forward comment=\
"Bloqueia requisicoes com destino servidores SMTP(25,587,465) SMB(445) MSSQL(1433) - evita ips publico na blacklist" \
dst-address-list=!bogons dst-address-type=!local dst-port=25025,25,2525,587,465,445,1433 protocol=tcp src-address-list=\
atacante-addr