Postado originalmente por
adelsonbbg
galera achei essas regras no site oficial do mikrotik e gostaria de implantar em meu firewall , mais antes gostaria de saber para q serve cada regra
coloquei todas a baixo e quem quizer ajudar posta ai a regra e para q ela serve
vamos lá galera vamos enriquecer nosso forum
0 ;;; Drop Black List IPs
chain=input in-interface=Cloud src-address-list=Black list action=drop
8 ;;; Drop invalid connections
chain=input connection-state=invalid action=drop
9 ;;; Accept related connections
chain=input connection-state=related action=accept
10 ;;; Accept established connections
chain=input connection-state=established action=accept
11 ;;; !!! Check for well-known viruses !!!
chain=input action=jump jump-target=virus
12 ;;; UDP
chain=input protocol=udp action=accept
13 ;;; Allow limited pings 50 over 5 seconds
chain=input protocol=icmp limit=50/5s,2 action=accept
14 ;;; Drop excess Pings
chain=input protocol=icmp action=drop
15 ;;; Allow Winbox connection
chain=input protocol=tcp dst-port=8291 action=accept
16 ;;; TIT1 traffic allowed
chain=input src-address=10.0.0.0/24 action=accept
17 ;;; Home Office traffic allowed
chain=input src-address=192.168.0.0/24 action=accept
18 ;;; Log and drop everything else
chain=input action=log log-prefix=""
19 X ;;; Log and drop everything else
chain=input action=drop
20 ;;; Drop invalid connections
chain=forward connection-state=invalid action=drop
21 ;;; Established connections
chain=forward connection-state=established action=accept
22 ;;; Related connections
chain=forward connection-state=related action=accept
23 ;;; !!! Check for well-known viruses !!!
chain=forward action=jump jump-target=virus
24 ;;; UDP
chain=forward protocol=udp action=accept
25 ;;; Allow limited pings: 50 over 5 seconds
chain=forward protocol=icmp limit=50/5s,2 action=accept
26 ;;; Drop excess Pings
chain=forward protocol=icmp action=drop
27 X chain=forward action=drop