
GABRIEL: REEMPLAZA LAN1, LAN2, ETC. POR LAS INTERFACES LAN QUE TENGAS; SI TIENES MÁS INTERFACES LAN, AÑADE MÁS REGLAS IGUALES. DONDE DICE WAN, REEMPLÁZALO POR LA INTERFAZ DONDE ESTÁ CONECTADA LA LÍNEA DE LEVEL 3. ESTAS REGLAS AÑÁDELAS EN: ip / firewall / filter

# Address list used by the output-chain rule that permits HTTP to the
# RouterOS upgrade server. The entry is a DNS name rather than an IP, so the
# router resolves it itself; whatever that name resolves to is what the
# output rule allows.
/ip firewall address-list
add list=upgrade-list address=upgrade.mikrotik.com

************************************* REGLAS DE PROTECCIÓN DE SPAM Y MALWARE

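# ---- Outbound spam / malware containment (forward chain) ----
# These rules match traffic arriving on the LAN interfaces and being routed
# out. Replace LAN1..LAN3 with the real LAN interface names and add one copy
# of each rule per additional LAN interface.
# The rules belong to the filter table, not the address-list table that the
# preceding section selected, so the menu path is set explicitly here.
/ip firewall filter
# Stop LAN hosts from talking SMTP directly to the Internet (spam bots).
# dst-port only matches together with protocol, so protocol=tcp is required
# on every rule; the LAN2/LAN3 rules originally omitted it. The closing
# quote of the first comment was a typographic quote (") that the CLI does
# not accept; it is a plain ASCII quote here.
add action=drop chain=forward comment="BLOCK SPAM" dst-port=25 in-interface=LAN1 protocol=tcp
add action=drop chain=forward comment="BLOCK SPAM" dst-port=25 in-interface=LAN2 protocol=tcp
add action=drop chain=forward comment="BLOCK SPAM" dst-port=25 in-interface=LAN3 protocol=tcp
# Block HTTPS to the single destination this ruleset associates with the
# Dofoil / Gamarue malware. A hard-coded indicator goes stale; if more
# destinations are added, move them into an address-list and match with
# dst-address-list so the rules need not be duplicated per interface.
add action=drop chain=forward comment="BLOCK DOFOIL OR GAMARUE MALWARE" dst-address=184.105.192.2 dst-port=443 in-interface=LAN1 protocol=tcp
add action=drop chain=forward comment="BLOCK DOFOIL OR GAMARUE MALWARE" dst-address=184.105.192.2 dst-port=443 in-interface=LAN2 protocol=tcp
add action=drop chain=forward comment="BLOCK DOFOIL OR GAMARUE MALWARE" dst-address=184.105.192.2 dst-port=443 in-interface=LAN3 protocol=tcp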

************************************* REGLAS DE PROTECCIÓN DE CONEXIONES ESTABLECIDAS

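# ---- Router protection rules (input / forward / customer / virus / demo / output) ----
# Replace WAN with the interface that carries the Level 3 uplink.
# These rules belong to the filter table; the menu path is set explicitly so
# the section can be pasted on its own.
/ip firewall filter
#
# input chain: traffic addressed to the router itself.
# The established/related accepts and the final drop are scoped to
# in-interface=WAN, so traffic from any other interface that matches nothing
# in this chain falls through to the chain default (accept).
add action=accept chain=input comment="Established connections" connection-state=established in-interface=WAN
add action=accept chain=input comment="Related connections" connection-state=related in-interface=WAN
add action=drop chain=input comment="Drop invalid connections" connection-state=invalid log=yes log-prefix=INVALID
# Telnet brute-force throttling. Order matters: the blacklist drop comes
# first, then the promotions stage3 -> blacklist, stage2 -> stage3,
# stage1 -> stage2, and last any new connection -> stage1. Every dynamic
# list must be spelled identically where it is written and where it is
# read; the promotion rule originally wrote "telnet_blacklistt", so the drop
# rule never matched and the blacklist stayed empty.
add action=drop chain=input comment="drop telnet brute forcers" dst-port=23 protocol=tcp src-address-list=telnet_blacklist
add action=add-src-to-address-list address-list=telnet_blacklist address-list-timeout=1w3d chain=input connection-state=new dst-port=23 protocol=tcp src-address-list=telnet_stage3
add action=add-src-to-address-list address-list=telnet_stage3 address-list-timeout=1m chain=input connection-state=new dst-port=23 protocol=tcp src-address-list=telnet_stage2
add action=add-src-to-address-list address-list=telnet_stage2 address-list-timeout=1m chain=input connection-state=new dst-port=23 protocol=tcp src-address-list=telnet_stage1
add action=add-src-to-address-list address-list=telnet_stage1 address-list-timeout=1m chain=input connection-state=new dst-port=23 protocol=tcp
add action=jump chain=input comment="!!! Check for well-known viruses !!! " jump-target=virus
add action=accept chain=input comment=ICMP protocol=icmp
# The demo chain is entered before the WAN drop below and the jump is not
# limited to an interface, so every service the demo chain accepts (WinBox,
# RDP, HTTP, Telnet, SSH, FTP) is reachable from the WAN. Remove this jump,
# or restrict it with in-interface=!WAN, before using the ruleset outside a
# demo.
add action=jump chain=input comment="Jump to demo chain" jump-target=demo
# log-prefix is set but log=yes is not, so this drop is silent; add log=yes
# if dropped WAN traffic should appear in the log.
add action=drop chain=input comment="Drop everything else" in-interface=WAN log-prefix=DROP
#
# forward chain: traffic routed through the router. There is no final drop
# in this chain, so anything the virus chain does not drop is forwarded by
# the chain default (accept); the UDP and ICMP accepts below only short-cut
# that default.
add action=accept chain=forward comment="Established connections" connection-state=established
add action=accept chain=forward comment="Related connections" connection-state=related
add action=drop chain=forward comment="Drop invalid connections" connection-state=invalid log=yes log-prefix=INVALID
add action=jump chain=forward comment="!!! Check for well-known viruses !!! " jump-target=virus
add action=accept chain=forward comment=UDP protocol=udp
add action=accept chain=forward comment=ICMP protocol=icmp
#
# customer chain: no rule in this listing jumps to it, so these three rules
# have no effect until a jump-target=customer rule is added to input or
# forward.
add action=accept chain=customer comment="From Mikrotikls" src-address=190.216.184.184/29
add action=log chain=customer comment="Log everything else" log-prefix=DROP
add action=drop chain=customer comment="Drop everything else"
#
# virus chain: static drops for ports used by well-known worms and backdoors.
# A fixed port list only stops legacy threats; treat it as a supplement to
# patching and egress policy, not a substitute. 135-139/udp and 2745/tcp each
# appear twice; the second copy can never match because the first drops.
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=135-139 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=135-139 protocol=udp
add action=drop chain=virus comment="Drop Messenger Worm" dst-port=135-139 protocol=udp
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 protocol=udp
add action=drop chain=virus comment=________ dst-port=593 protocol=tcp
add action=drop chain=virus comment=________ dst-port=1024-1030 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" dst-port=1080 protocol=tcp
add action=drop chain=virus comment=________ dst-port=1214 protocol=tcp
add action=drop chain=virus comment="ndm requester" dst-port=1363 protocol=tcp
add action=drop chain=virus comment="ndm server" dst-port=1364 protocol=tcp
add action=drop chain=virus comment="screen cast" dst-port=1368 protocol=tcp
add action=drop chain=virus comment=hromgrafx dst-port=1373 protocol=tcp
add action=drop chain=virus comment=cichlid dst-port=1377 protocol=tcp
add action=drop chain=virus comment=Worm dst-port=1433-1434 protocol=tcp
add action=drop chain=virus comment="Bagle Virus" dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" dst-port=2283 protocol=tcp
add action=drop chain=virus comment="Drop Beagle" dst-port=2535 protocol=tcp
add action=drop chain=virus comment="Drop Beagle.C-K" dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" dst-port=3127-3128 protocol=tcp
add action=drop chain=virus comment="Drop Backdoor OptixPro" dst-port=3410 protocol=tcp
add action=drop chain=virus comment=Worm dst-port=4444 protocol=tcp
add action=drop chain=virus comment=Worm dst-port=4444 protocol=udp
add action=drop chain=virus comment="Drop Sasser" dst-port=5554 protocol=tcp
add action=drop chain=virus comment="Conficker virus block" dst-port=5933 protocol=tcp
add action=drop chain=virus comment="Conficker virus block" dst-port=5933 protocol=udp
add action=drop chain=virus comment="Drop Beagle.B" dst-port=8866 protocol=tcp
add action=drop chain=virus comment="Drop Dabber.A-B" dst-port=9898 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" dst-port=10000 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom.B" dst-port=10080 protocol=tcp
add action=drop chain=virus comment="Drop NetBus" dst-port=12345 protocol=tcp
add action=drop chain=virus comment="Drop Kuang2" dst-port=17300 protocol=tcp
add action=drop chain=virus comment="Drop SubSeven" dst-port=27374 protocol=tcp
add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" dst-port=65506 protocol=tcp
#
# demo chain: unconditional accepts for management and demo services. None
# of these rules checks in-interface or src-address, so they are only as safe
# as the jump that enters this chain (see the input chain above).
add action=accept chain=demo comment="Allow WinBox for demo purposes" dst-port=8291 protocol=tcp
add action=accept chain=demo comment="Allow Desktop Remote for demo purposes" dst-port=3389 protocol=tcp
add action=accept chain=demo comment="Allow Web for demo purposes" dst-port=80 protocol=tcp
add action=accept chain=demo comment="Allow Telnet for demo purposes" dst-port=23 protocol=tcp
add action=accept chain=demo comment="Allow SSH for demo purposes" dst-port=22 protocol=tcp
add action=accept chain=demo comment="Allow FTP for demo purposes" dst-port=21 protocol=tcp
#
# output chain: traffic generated by the router itself. This is an allow-list
# with a final drop: replies to established/related flows, ICMP, NTP to any
# host, DNS only to the two listed resolvers, SMTP only to the listed relay,
# and HTTP only to addresses on upgrade-list. Anything the router needs to
# reach beyond that (another resolver, an HTTPS upgrade path) must be added
# here explicitly or it is dropped.
add action=accept chain=output connection-state=established,related
add action=accept chain=output protocol=icmp
add action=accept chain=output comment="allow NTP" dst-port=123 protocol=udp
add action=accept chain=output comment="allow DNS" dst-address=200.41.96.26 dst-port=53 protocol=udp
add action=accept chain=output comment="allow DNS" dst-address=201.234.59.142 dst-port=53 protocol=udp
add action=accept chain=output comment="allow mail sending" dst-address=190.216.184.189 dst-port=25 protocol=tcp
add action=accept chain=output comment="allow RouterOS upgrade (HTTP)" dst-address-list=upgrade-list dst-port=80 protocol=tcp
# log-prefix is set but log=yes is not, so this drop is silent; add log=yes
# to see what the router tried to reach and was refused.
add action=drop chain=output comment="Drop everything else" log-prefix=output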
