amigo vc pode da uns conselhos sobre as configurações ???
obrigado
Versão Imprimível
1.8 Firewall Otimizado
1.1 Filters
/ ip firewall filter
add chain=input action=accept dst-port=1863 protocol=tcp comment="REGRAS NOVAS \
MSN" disabled=no
add chain=input action=accept src-port=1863 protocol=tcp comment="" \
disabled=no
add chain=input action=accept dst-port=443 protocol=tcp comment="" disabled=no
add chain=forward action=accept dst-port=443 protocol=tcp comment="" \
disabled=no
add chain=forward action=drop out-interface=DSL1 dst-port=3128 protocol=tcp \
comment="Propaga o Cache pela Internet" disabled=no
add chain=forward action=drop out-interface=DSL2 dst-port=3128 protocol=tcp \
comment="" disabled=no
add chain=forward action=drop out-interface=Webpages dst-port=3128 \
protocol=tcp comment="" disabled=no
add chain=forward action=jump jump-target=seguranca comment="Seguracao" \
disabled=yes
add chain=input action=jump jump-target=seguranca comment="" disabled=yes
add chain=forward action=jump jump-target=VIRUS comment="VIRUS" disabled=yes
add chain=input action=jump jump-target=VIRUS comment="" disabled=yes
add chain=seguranca action=drop p2p=warez comment="" disabled=no
add chain=seguranca action=drop connection-state=invalid comment="" \
disabled=no
add chain=seguranca action=drop dst-port=0 protocol=tcp comment="" disabled=no
add chain=seguranca action=drop src-port=0 protocol=tcp comment="" disabled=no
add chain=seguranca action=drop dst-port=0 protocol=udp comment="" disabled=no
add chain=seguranca action=drop src-port=0 protocol=udp comment="" disabled=no
add chain=VIRUS action=drop src-port=445 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=445 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop src-port=445 protocol=udp comment="Drop Blaster \
Worm" disabled=no
add chain=VIRUS action=drop dst-port=445 protocol=udp comment="Drop Blaster \
Worm" disabled=no
add chain=VIRUS action=drop src-port=135-139 protocol=tcp comment="" \
disabled=no
add chain=VIRUS action=drop src-port=135-139 protocol=udp comment="" \
disabled=no
add chain=VIRUS action=drop dst-port=135-139 protocol=tcp comment="" \
disabled=no
add chain=VIRUS action=drop dst-port=135-139 protocol=udp comment="" \
disabled=no
add chain=VIRUS action=drop dst-port=593 protocol=tcp comment="________" \
disabled=no
add chain=VIRUS action=drop dst-port=1024-1030 protocol=tcp comment="________" \
disabled=no
add chain=VIRUS action=drop dst-port=1080 protocol=tcp comment="Drop MyDoom" \
disabled=no
add chain=VIRUS action=drop dst-port=1214 protocol=tcp comment="________" \
disabled=no
add chain=VIRUS action=drop dst-port=1363 protocol=tcp comment="ndm requester" \
disabled=no
add chain=VIRUS action=drop dst-port=1364 protocol=tcp comment="ndm server" \
disabled=no
add chain=VIRUS action=drop dst-port=1368 protocol=tcp comment="screen cast" \
disabled=no
add chain=VIRUS action=drop dst-port=1373 protocol=tcp comment="hromgrafx" \
disabled=no
add chain=VIRUS action=drop dst-port=1377 protocol=tcp comment="cichlid" \
disabled=no
add chain=VIRUS action=drop dst-port=2745 protocol=tcp comment="Bagle VIRUS" \
disabled=no
add chain=VIRUS action=drop dst-port=2283 protocol=tcp comment="Drop Dumaru.Y" \
disabled=no
add chain=VIRUS action=drop dst-port=2535 protocol=tcp comment="Drop Beagle" \
disabled=no
add chain=VIRUS action=drop dst-port=2745 protocol=tcp comment="Drop \
Beagle.C-K" disabled=no
add chain=VIRUS action=drop dst-port=3127 protocol=tcp comment="Drop MyDoom" \
disabled=no
add chain=VIRUS action=drop dst-port=3410 protocol=tcp comment="Drop Backdoor \
OptixPro" disabled=no
add chain=VIRUS action=drop dst-port=4444 protocol=tcp comment="Worm" \
disabled=no
add chain=VIRUS action=drop dst-port=4444 protocol=udp comment="Worm" \
disabled=no
add chain=VIRUS action=drop dst-port=5554 protocol=tcp comment="Drop Sasser" \
disabled=no
add chain=VIRUS action=drop dst-port=8866 protocol=tcp comment="Drop Beagle.B" \
disabled=no
add chain=VIRUS action=drop dst-port=9898 protocol=tcp comment="Drop \
Dabber.A-B" disabled=no
add chain=VIRUS action=drop dst-port=10000 protocol=tcp comment="Drop \
Dumaru.Y" disabled=no
add chain=VIRUS action=drop dst-port=10080 protocol=tcp comment="Drop \
MyDoom.B" disabled=no
add chain=VIRUS action=drop dst-port=12345 protocol=tcp comment="Drop NetBus" \
disabled=no
add chain=VIRUS action=drop dst-port=17300 protocol=tcp comment="Drop Kuang2" \
disabled=no
add chain=VIRUS action=drop dst-port=27374 protocol=tcp comment="Drop \
SubSeven" disabled=no
add chain=VIRUS action=drop dst-port=65506 protocol=tcp comment="Drop PhatBot, \
Agobot, Gaobot" disabled=no
add chain=VIRUS action=drop dst-port=513 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=513 protocol=udp comment="" disabled=no
add chain=VIRUS action=drop dst-port=525 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=525 protocol=udp comment="" disabled=no
add chain=VIRUS action=drop dst-port=568-569 protocol=tcp comment="" \
disabled=no
add chain=VIRUS action=drop dst-port=568-569 protocol=udp comment="" \
disabled=no
add chain=VIRUS action=drop dst-port=1512 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=1512 protocol=udp comment="" disabled=no
add chain=VIRUS action=drop dst-port=396 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=396 protocol=udp comment="" disabled=no
add chain=VIRUS action=drop dst-port=1366 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=1366 protocol=udp comment="" disabled=no
add chain=VIRUS action=drop dst-port=1416 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=1416 protocol=udp comment="" disabled=no
add chain=VIRUS action=drop dst-port=201-209 protocol=tcp comment="" \
disabled=no
add chain=VIRUS action=drop dst-port=201-209 protocol=udp comment="" \
disabled=no
add chain=VIRUS action=drop dst-port=545 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=545 protocol=udp comment="" disabled=no
add chain=VIRUS action=drop dst-port=1381 protocol=udp comment="" disabled=no
add chain=VIRUS action=drop dst-port=1381 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=3031 protocol=tcp comment="" disabled=no
add chain=VIRUS action=drop dst-port=3031 protocol=udp comment="" disabled=no
Galera drop alguns virus... e algumas portas...
está ou tem mais alguns q passo embranco ???
vlww
galera algum sugestao ???
preciso da ajuda de vc´s.. obrigado
No FreeBSD vc pode colocar uma placa de rede com 4 saidas...
Veja se entendeu...
Saudações,
amigo axo que entendi seu desenho, mais eu queria somente fazer o load balance pelo PfSense, e naum sei c precisa... sobre o banco.. para nao da akele pau de ip. So queria usar o Pfsense para o load balance mesmo, e a comunicação entre o mikrotik e p pfsense com os 3 links com load balance, e redirecionando as portas https (443) para o link de Ipfixo.
A comunicação qual seria melhor.. eu fazer um pppoE server no Pfsense e fazer o mikrotik discar para o Pfsense ? ou so setar o ip dele na interface de entra dos links no miikrotik ??
porque eu vo usar o provebuntu(um excelente administrador) em paralelo ao mikrotik.
esperandu suas resposta.. obrigado...
sobre akele servidor que vc coloco abaixo do RouterOs.. o que seria ele ??
muito obrigado