返回列表 發帖
角色

Rank: 2
1# 跳轉到 » 倒序看帖
打印
tT
發表於 2014-8-19 02:10 | 只看該作者

【RouterOS】—— Allow certain request from Interent

  1. /ip firewall filter
  2. add chain=input comment="Accept established connections" connection-state=established
  3. add chain=input comment="Accept related connections" connection-state=related
  4. add chain=input comment=UDP protocol=udp
  5. add action=drop chain=input comment="Drop invalid connections" connection-state=invalid
  6. add action=log chain=input comment="Log everything else" log-prefix="DROP INPUT"
  7. add action=drop chain=input comment=winbox dst-port=8291 in-interface=ether1 protocol=tcp
  8. add action=drop chain=input comment="SSH for secure shell" dst-port=22 in-interface=ether1 protocol=tcp
  9. add action=drop chain=input comment="Telnet shell" dst-port=23 in-interface=ether1 protocol=tcp
  10. add chain=input comment="Allow limited pings" limit=50/5s,2 protocol=icmp
  11. add action=drop chain=input comment="Drop excess pings" protocol=icmp
  12. add action=drop chain=input comment="Drop everything else" in-interface=ether1
複製代碼
收藏 分享

返回列表