Página 2 de 2 PrimeiroPrimeiro 12
+ Responder ao Tópico



  1. #7

    Padrão Nat

    O NAT

    chain=srcnat src-address=10.10.0.0/16 action=masquerade

    chain=srcnat src-address=20.20.0.0/16 action=masquerade

    chain=srcnat src-address=30.30.0.0/16 action=masquerade

    chain=srcnat src-address=40.40.0.0/16 action=masquerade

    chain=dstnat src-address=10.10.0.0/16 protocol=tcp dst-port=80
    action=redirect to-ports=3126

    chain=dstnat src-address=20.20.0.0/16 protocol=tcp dst-port=80
    action=redirect to-ports=3126

    chain=dstnat src-address=30.30.0.0/16 protocol=tcp dst-port=80
    action=redirect to-ports=3126

    chain=dstnat src-address=40.40.0.0/16 protocol=tcp dst-port=80
    action=redirect to-ports=3126

  2. #8

    Padrão Mangle

    0 ;;; Ajuste de Bloqueio SSH e Telnet
    chain=prerouting protocol=tcp dst-port=22-23
    action=add-src-to-address-list address-list=drop_port_22_23
    address-list-timeout=0s

    1 ;;; MSN
    chain=prerouting protocol=tcp src-port=1863 action=mark-packet
    new-packet-mark=msn-out passthrough=yes

    2 chain=prerouting protocol=tcp dst-port=1863 action=mark-packet
    new-packet-mark=msn-in passthrough=yes

    3 ;;; HTTP
    chain=prerouting protocol=tcp dst-port=80 action=mark-connection
    new-connection-mark=http_conn passthrough=yes

    4 chain=prerouting connection-mark=http_conn action=mark-packet
    new-packet-mark=http_down passthrough=yes



  3. #9

    Padrão Address List

    # LIST ADDRESS
    0 not_in_internet 0.0.0.0/8
    1 not_in_internet 169.254.0.0/16
    2 not_in_internet 127.0.0.0/8
    3 not_in_internet 224.0.0.0/3
    4 drop_port_22_23 0.0.0.0
    5 port scaners 0.0.0.0


    Obrigado